[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Ddos Prevention thru Throttleing

Subject: Re: [cobalt-security] Ddos Prevention thru Throttleing
From: Jaana Jarve <netcat@xxxxxxxxx>
Date: Wed, 16 Oct 2002 16:59:05 +0300 (EEST)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Wed, 16 Oct 2002, Jamie - i-Dot wrote:

> I would like to lock down a few users aswell, who run some perl scripts,
> which have the 'potential' to be used to resource starve the box...

yup, it only takes one malicious or simply clueless cgi user to DoS your
box. it is very simple. it's a wonder it doesn't happen all the time
(deducing from a singular lack of posts on Cobalt lists on this subject).
or perhaps this is what all those unsolved "box suddenly stops responding" posts are.
unless you happen to watch top at the same time you'd never catch the
user.

cgiwrap has resource limiting capabilities. it would make a lot of sense
to use them. unfortunately, it looks like rlimit support was not enabled
on the Cobalt install of cgiwrap.

if anyone has successfully recompiled cgiwrap, without breaking anything,
pointers would be most welcome.

rgds,
netcat

References:
- [cobalt-security] Ddos Prevention thru Throttleing
  - From: Jamie - i-Dot

Prev by Date: Re: [cobalt-security] Ddos Prevention thru Throttleing
Next by Date: RE: [cobalt-security] Ddos Prevention thru Throttleing
Previous by thread: RE: [cobalt-security] Ddos Prevention thru Throttleing
Next by thread: Re: [cobalt-security] solarspeed openssl package

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index