Subject: Re: How to get all the keys from servers?

Reinis Rozitis roze at
Mon Dec 4 23:00:15 UTC 2006


Why do all the evasive mods exists right in the webservers (mod_evasive in 
case of apache for example (and prolly couple another))...

In my opinion you should take it (defence) into another layer.

Well okay I'm happy people find a lot of ways to use Memcached still 
sometimes it seems just way too wrong.. just because un case of a real 
attack you would want to avoid hammering the php engine (which is cpu/memory 
intensive) at all and not to decide it in script. The .htacess approach may 
work but its kinda performance drawback..


----- Original Message ----- 
From: "Thomas Seifert" <thomas-lists at>
To: <memcached at>
Sent: Monday, December 04, 2006 11:50 PM
Subject: Re: Subject: Re: How to get all the keys from servers?

> Thats a simple approach I'm actually using.
> I'm putting every IP which hits my php-script into the database if it
> doesn't exist yet and if it exists I just increment its counter.
> If a certain threshold in a couple of seconds is reached the ip is
> blocked by adding a .htaccess-entry.
> No processing of all keys needed.
> thomas
> Jason Pirkey schrieb:
>> Jed:
>> If you are analyizing for attacks, it would be easier to do a real
>> time analysis with memcached, because at that point you will have the
>> IP address you are looking for -- do a hit to memcache to get its
>> counter and act accordingly (saving it to the database for later
>> analysis if it hits a certain threshold for instance.  This way you
>> will not have to do scanning of memcache and post processing.
>> -- Jason Pirkey (jason at <mailto:jason at>)
>>     ---------- Forwarded message ----------
>>     From: Jed Reynolds <lists at
>>     <mailto:lists at>>
>>     To: Brian Moon <brianm at <mailto:brianm at>>
>>     Date: Mon, 04 Dec 2006 13:19:39 -0800
>>     Subject: Re: How to get all the keys from servers?
>>     Brian Moon wrote:
>>     > Jed Reynolds wrote:
>>     >> I'd have a use for a method to get all keys as well. For
>>     instance, if I
>>     >> wanted to store all the IPs that hit my webserver, and how many
>>     times,
>>     >
>>     > Isn't that what web logs are for?
>>     >
>>     Grepping, awking and sorting thru gigs of logfiles isn't as quick
>>     as I'd
>>     like it to be. I've also considered piping apache logs thru syslog-ng
>>     and running it thru a filter. There's a lot of ways to analyze
>>     traffic.
>>     Memcache might fill a need pretty easily. Otherwise I'd have to
>>     write a
>>     PHP daemon or something and have to deal with sockets and timing out
>>     data and that's hardly worth the distraction.
>>     Jed
>>     _______________________________________________
>>     memcached mailing list
>>     memcached at <mailto:memcached at>

More information about the memcached mailing list