If someone has implemented software protection (that isn't already in place), I sure hope they share it with the rest of us.
That's really the only level where we as SSL programmers have reasonable control, but only after making sure we have a good firewall and a solid TCP/IP stack in place. On 8/19/03 1:24 PM, "Neil Humphreys" <[EMAIL PROTECTED]> wrote: > Shawn, > > Thanks for the response. > > It's a lovely thought, but it's not as simple as sticking in a firewall I am > afraid .. that leaves > me open to attacks that can't be blocked by the firewall .. > such as attacks from inside the firewall, or attacks from outside that use > the correct port and appear to come from a valid IP address (unless I > block tcp connections from the internet zone, which I cannot do). > > I was just wondering if anyone did anything to reduce the impact of high > volume brute force attacks against the listening socket, that cannot be > blocked in any trivial way (such as the firewall). > > I take it the answer's "no" then. > > > ----- Original Message ----- > From: "Shawn P. Stanley" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, August 18, 2003 9:38 PM > Subject: Re: OpenSSL denial of service > > >> I use a firewall, myself. >> >> On 8/18/03 3:08 PM, "Neil Humphreys" <[EMAIL PROTECTED]> wrote: >> >>> Hi >>> Has anyone got any good examples / advice / tricks for reducing the > impact of >>> denial-of-service attacks on an SSL listening socket? >>> >>> cheers >>> Neil >>> >> >> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List [EMAIL PROTECTED] >> Automated List Manager [EMAIL PROTECTED] > > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]