Re: linux-kernel-digest V1 #4553

Robert Dinse (nanook@eskimo.com)
Mon, 4 Oct 1999 18:06:18 -0700 (PDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: WANG,YIDING: "RE: SMP system panic with down/up calls for locking. Need help o"
Previous message: Andrea Arcangeli: "ntpd SMP races"

On Mon, 4 Oct 1999 Andrei Alexandru scribbled:
>
> I wrote a patch to the linux networking part of the kernel which allows
> you to aviod denial of service. Basicaly it does a more accurate
> accounting of sockets and does not let more then MAXCONNFROMONEIP
> connetions from the same ip.
> Do you think this patch is of any use ? If yes , I will send the sources.
>
> Alexandru Andrei
> CS Dept., 'Politehnica' University of Timisoara, Romania

There is a denial-of-service program called "octopus", and a variant
called "spider" (not to be confused with a web spider), whose sole purpose is
to consume all of the resources, usually file descriptors, of a target machine.

This patch would be a useful in preventing such a program from being
effective; it would also be useful on IRC servers for limiting clone bots.

In a word, YES, it would be very useful functionality.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: WANG,YIDING: "RE: SMP system panic with down/up calls for locking. Need help o"
Previous message: Andrea Arcangeli: "ntpd SMP races"