2

Bit of an odd one this. We have a very political management situation brewing and as the developer looking after the interaction with the hosting company, I have been asked to perform a bit of sabotage to test out our infrastructure providers monitoring and response times to failure in the hosting environment.

Essentially we want one of our Apache nodes to fail and stop responding to requests. I know the load balancer will take it out of the pool very quickly so no worries about that.

I have root access to all servers.

So, what are your favourite ways to bork an apache server without it looking like you are intentionally breaking it? Any way of locking up the entire box would be preferable.

Environment is Apache running on RHEL 5.

John Gardeniers
  • 27,458
  • 12
  • 55
  • 109
Nick Downton
  • 492
  • 2
  • 13

5 Answers5

17

If you are interested in monitoring and response times, then just stop Apache. That should be enough to trigger an alert and a response.

ramruma
  • 2,740
  • 1
  • 15
  • 8
9

Do a sudo su apache and execute a fork bomb with 

 :(){ :|:& };:

This kind of behavior is common enough in programming mistakes to not raise many eyebrows. Plus it locks up.the whole server.

EDIT - As pointed out there may be legal limitations for executing this on hosted hardware. Also depending on your configuration this may only work running under the root account.

Tim Brigham
  • 15,545
  • 10
  • 75
  • 115
  • 3
    I should be wary of doing anything that might break contracts, acceptable use policies, or even the law in some countries, especially as there is "a very political management situation brewing". – ramruma May 25 '12 at 12:57
  • @ramruma That's the point of this whole question... – TheLQ May 25 '12 at 13:37
  • On RHEL (and most properly configured distros) the Apache user doesn't have a shell so you can't execute a command in this manner. Command works nicely though :) – James Yale May 25 '12 at 15:09
1

Any way of locking up the entire box would be preferable.

Kind of dramatic but you can force a crash/panic on the system with:

echo c > /proc/sysrq-trigger

Provided that:

cat /proc/sys/kernel/sysrq

has a value greater than 0.

HTTP500
  • 4,833
  • 4
  • 23
  • 31
0

http://httpd.apache.org/docs/2.0/programs/ab.html

and you can perform a lot of requests

mazgalici
  • 257
  • 2
  • 5
  • 11
  • 2
    Under "a very political management situation brewing" I would not DoS a web server. – Janne Pikkarainen May 25 '12 at 13:35
  • @JannePikkarainen That's the point of this whole question... However I do wonder if a DoS attack will trigger a response at all – TheLQ May 25 '12 at 13:47
  • Yes, but using ab is so blatantly obvious anyone can catch you from using it. I can use bazooka, but it sure ain't a silent way to get someone's attention. – Janne Pikkarainen May 25 '12 at 14:19
  • @TheLQ, I see nothing in the question to suggest that there is a desire to aggravate an already bad relationship. The question is about testing of the monitoring system and subsequent response, not pissing people off. – John Gardeniers May 26 '12 at 13:25
0

Depending on the situation you want to try, I would just use a mod_rewrite directive to redirect all request to an non existing page, generating a 404 error. Not sure it complies with your definition of "stop responding to requests".

If you want to push it to a machine error, you could just down the network adapter. Apache can't get request, nor can you ssh the machine. This would simulate a network failure (broken cable or other). Downside, you'll need to access the physical server to bring it up (or reboot it).

M'vy
  • 228
  • 4
  • 11
  • A 404 is still a response. It would also break the web site and from my reading of the question that's not what is intended at all. You will note that the OP has mentioned that the load balancer will ensure users won't really notice the targeted server going down. – John Gardeniers May 26 '12 at 13:27