projects / irc.git / blame
| Commit | Line | Data |
|---|---|---|
| 3bd189cb JR |
1 | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> |
| 2 | <HTML> | |
| 3 | <HEAD> | |
| 4 | <TITLE> [IRCServices] Attacks on services | |
| 5 | </TITLE> | |
| 6 | <LINK REL="Index" HREF="index.html" > | |
| 7 | <LINK REL="made" HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Attacks%20on%20services&In-Reply-To=20040728193543.57172.qmail%40web53104.mail.yahoo.com"> | |
| 8 | <META NAME="robots" CONTENT="index,nofollow"> | |
| 9 | <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> | |
| 10 | <LINK REL="Previous" HREF="004557.html"> | |
| 11 | <LINK REL="Next" HREF="004559.html"> | |
| 12 | </HEAD> | |
| 13 | <BODY BGCOLOR="#ffffff"> | |
| 14 | <H1>[IRCServices] Attacks on services</H1> | |
| 15 | <B>Andrew Church</B> | |
| 16 | <A HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Attacks%20on%20services&In-Reply-To=20040728193543.57172.qmail%40web53104.mail.yahoo.com" | |
| 17 | TITLE="[IRCServices] Attacks on services">achurch at achurch.org | |
| 18 | </A><BR> | |
| 19 | <I>Thu Jul 29 09:49:36 PDT 2004</I> | |
| 20 | <P><UL> | |
| 21 | <LI>Previous message: <A HREF="004557.html">[IRCServices] Attacks on services | |
| 22 | </A></li> | |
| 23 | <LI>Next message: <A HREF="004559.html">[IRCServices] Attacks on services | |
| 24 | </A></li> | |
| 25 | <LI> <B>Messages sorted by:</B> | |
| 26 | <a href="date.html#4558">[ date ]</a> | |
| 27 | <a href="thread.html#4558">[ thread ]</a> | |
| 28 | <a href="subject.html#4558">[ subject ]</a> | |
| 29 | <a href="author.html#4558">[ author ]</a> | |
| 30 | </LI> | |
| 31 | </UL> | |
| 32 | <HR> | |
| 33 | <!--beginarticle--> | |
| 34 | <PRE>><i>it will be helpful a general limit for the register | |
| 35 | </I>><i>command for nicknames and channels?... something like | |
| 36 | </I>><i>this: X new registered nicknames and channels per X | |
| 37 | </I>><i>minute(s) are allowed. | |
| 38 | </I> | |
| 39 | The problem with this, of course, is it enables denial-of-service | |
| 40 | attacks: bring on X bots, have them each register their nick, and then | |
| 41 | nobody can use REGISTER for the next Y minutes. The bots don't even have | |
| 42 | to stay online, making it harder to track them. | |
| 43 | ||
| 44 | ><i>i think an automatic temp ignore for flooding will also help. | |
| 45 | </I> | |
| 46 | "Flooding", in the sense of "sending too much data for Services to | |
| 47 | handle", is unfortunately not that easy to detect--it's largely dependent | |
| 48 | on how powerful the machine running Services is. Services already has an | |
| 49 | ignore system (as could have been seen from the log originally posted), but | |
| 50 | I'm not at all sure of its effectiveness. | |
| 51 | ||
| 52 | --Andrew Church | |
| 53 | <A HREF="http://www.ircservices.za.net/mailman/listinfo/ircservices">achurch at achurch.org</A> | |
| 54 | <A HREF="http://achurch.org/">http://achurch.org/</A> | |
| 55 | ||
| 56 | ||
| 57 | </PRE> | |
| 58 | ||
| 59 | <!--endarticle--> | |
| 60 | <HR> | |
| 61 | <P><UL> | |
| 62 | <!--threads--> | |
| 63 | <LI>Previous message: <A HREF="004557.html">[IRCServices] Attacks on services | |
| 64 | </A></li> | |
| 65 | <LI>Next message: <A HREF="004559.html">[IRCServices] Attacks on services | |
| 66 | </A></li> | |
| 67 | <LI> <B>Messages sorted by:</B> | |
| 68 | <a href="date.html#4558">[ date ]</a> | |
| 69 | <a href="thread.html#4558">[ thread ]</a> | |
| 70 | <a href="subject.html#4558">[ subject ]</a> | |
| 71 | <a href="author.html#4558">[ author ]</a> | |
| 72 | </LI> | |
| 73 | </UL> | |
| 74 | ||
| 75 | </body></html> |