Shawn, Thanks for the response.
It's a lovely thought, but it's not as simple as sticking in a firewall I am afraid .. that leaves me open to attacks that can't be blocked by the firewall .. such as attacks from inside the firewall, or attacks from outside that use the correct port and appear to come from a valid IP address (unless I block tcp connections from the internet zone, which I cannot do). I was just wondering if anyone did anything to reduce the impact of high volume brute force attacks against the listening socket, that cannot be blocked in any trivial way (such as the firewall). I take it the answer's "no" then. ----- Original Message ----- From: "Shawn P. Stanley" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, August 18, 2003 9:38 PM Subject: Re: OpenSSL denial of service > I use a firewall, myself. > > On 8/18/03 3:08 PM, "Neil Humphreys" <[EMAIL PROTECTED]> wrote: > > > Hi > > Has anyone got any good examples / advice / tricks for reducing the impact of > > denial-of-service attacks on an SSL listening socket? > > > > cheers > > Neil > > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
