>>>>> "Mark" == Mark Murray <[EMAIL PROTECTED]> writes:
Mark> o A username may only be checked $number times per
Mark> $timeperiod; after that, _all_ answers are silently
Mark> converted to "no".
Umm, massive DOS hole.
Mark> o Daemon may only be invoked $number times per $timeperiod;
Mark> refuses to fork after that.
Another massive DOS hole.
Mark> o Daemon will delay $timeperiod before returning answer.
This is the correct way to deal with (perceived) attacks.
Mark> ... etc. There are possibilities for DoS attacks, but the
Mark> daemon talks only to a Unix Domain Socket, so finding the
Mark> perp is easy.
Not if the daemon has shut itself off due to load (#1 or #2 above) and you
aren't currently logged in to the box.
--lyndon
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-current" in the body of the message
- Re: Crypto progress! (And a Biiiig TODO list) Mark Murray
- Re: Crypto progress! (And a Biiiig TODO list) Peter Wemm
- Re: Crypto progress! (And a Biiiig TODO list) Daniel O'Connor
- Re: Crypto progress! (And a Biiiig TODO list) Mark Murray
- Re: Crypto progress! (And a Biiiig TODO list... Garrett Wollman
- Re: Crypto progress! (And a Biiiig TODO ... Lyndon Nerenberg
- Re: Crypto progress! (And a Biiiig ... Garrett Wollman
- Re: Crypto progress! (And a Bii... Lyndon Nerenberg
- Re: Crypto progress! (And a Bii... Mark Murray
- Re: Crypto progress! (And a Biiiig TODO ... Mark Murray
- Re: Crypto progress! (And a Biiiig TODO list... Lyndon Nerenberg
- Re: Crypto progress! (And a Biiiig TODO ... Wes Peters
- Re: Crypto progress! (And a Biiiig ... Jon Hamilton
- Re: Crypto progress! (And a Bii... Wes Peters
- Re: Crypto progress! (And a Biiiig TODO ... Robert Watson
- Re: Crypto progress! (And a Biiiig ... Mark Murray
- Re: Crypto progress! (And a Bii... Garrett Wollman
- Re: Crypto progress! (And a Bii... Mark Murray
- Re: Crypto progress! (And a Bii... Alfred Perlstein
- Re: Crypto progress! (And a Biiiig TODO ... Mark Murray
- Re: Crypto progress! (And a Biiiig TODO list... Paul Richards
