en.wikipedia.org/wiki/Denial-of-service_attack
2 corrections found
Dyn which is the ISP for sites such as Twitter, Netflix, etc.
Dyn was not an ISP for Twitter or Netflix. Dyn was a DNS provider/managed DNS service, and the 2016 attack targeted its DNS infrastructure.
Full reasoning
This misidentifies Dyn. During the October 2016 Mirai incident, Dyn was widely described as a DNS provider or managed DNS provider, not an Internet service provider for sites like Twitter and Netflix.
That distinction matters: the attack disrupted Dyn's DNS services, which made many major websites difficult to reach because domain names were not resolving properly. It was not because Dyn was those sites' ISP.
2 sources
- DNS provider Dyn hit by DDoS attack that takes out major sites - Computerworld
"Some of the biggest names on the internet ... were temporarily knocked offline by a DDoS attack that targeted DNS provider Dyn" and "Dyn is a managed DNS provider".
- Internet struggles? It's not you. A colossal attack has crippled America's web address book | PBS News
"hackers performed a DDoS attack against Dyn's Domain Name System services."
the Apache HTTP Server will, by default, accept requests up to 2GB in size
This default-size claim is incorrect. Current Apache documentation says the default request-body limit is 1 GiB, and older versions used 0 (unlimited) — not 2 GB.
Full reasoning
Apache's own documentation does not show a default request-body limit of 2 GB.
- The Apache HTTP Server documentation for
LimitRequestBodylists the default as 1073741824 bytes (1 GiB). - The same documentation notes that in Apache HTTP Server 2.4.53 and earlier, the default was 0 (unlimited).
- Red Hat's guidance on the Apache change likewise says the default was changed from 0 (unlimited) to 1 GiB.
So “2GB by default” is not the documented default for current Apache, and it was not the documented older default either.
2 sources
- core - Apache HTTP Server Version 2.5
For `LimitRequestBody`, Apache documents `Default: LimitRequestBody 1073741824` and notes: `In Apache HTTP Server 2.4.53 and earlier, the default value was 0 (unlimited)`.
- A new default for the LimitRequestBody directive in httpd configuration - Red Hat Customer Portal
Red Hat says the default `LimitRequestBody` value in Apache HTTP Server changed `from 0 (unlimited) to 1 GiB`.