]>
Commit | Line | Data |
---|---|---|
3bd189cb JR |
1 | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> |
2 | <HTML> | |
3 | <HEAD> | |
4 | <TITLE> [IRCServices] Attacks on services | |
5 | </TITLE> | |
6 | <LINK REL="Index" HREF="index.html" > | |
7 | <LINK REL="made" HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Attacks%20on%20services&In-Reply-To=20040728193543.57172.qmail%40web53104.mail.yahoo.com"> | |
8 | <META NAME="robots" CONTENT="index,nofollow"> | |
9 | <META http-equiv="Content-Type" content="text/html; charset=us-ascii"> | |
10 | <LINK REL="Previous" HREF="004557.html"> | |
11 | <LINK REL="Next" HREF="004559.html"> | |
12 | </HEAD> | |
13 | <BODY BGCOLOR="#ffffff"> | |
14 | <H1>[IRCServices] Attacks on services</H1> | |
15 | <B>Andrew Church</B> | |
16 | <A HREF="mailto:ircservices%40ircservices.za.net?Subject=%5BIRCServices%5D%20Attacks%20on%20services&In-Reply-To=20040728193543.57172.qmail%40web53104.mail.yahoo.com" | |
17 | TITLE="[IRCServices] Attacks on services">achurch at achurch.org | |
18 | </A><BR> | |
19 | <I>Thu Jul 29 09:49:36 PDT 2004</I> | |
20 | <P><UL> | |
21 | <LI>Previous message: <A HREF="004557.html">[IRCServices] Attacks on services | |
22 | </A></li> | |
23 | <LI>Next message: <A HREF="004559.html">[IRCServices] Attacks on services | |
24 | </A></li> | |
25 | <LI> <B>Messages sorted by:</B> | |
26 | <a href="date.html#4558">[ date ]</a> | |
27 | <a href="thread.html#4558">[ thread ]</a> | |
28 | <a href="subject.html#4558">[ subject ]</a> | |
29 | <a href="author.html#4558">[ author ]</a> | |
30 | </LI> | |
31 | </UL> | |
32 | <HR> | |
33 | <!--beginarticle--> | |
34 | <PRE>><i>it will be helpful a general limit for the register | |
35 | </I>><i>command for nicknames and channels?... something like | |
36 | </I>><i>this: X new registered nicknames and channels per X | |
37 | </I>><i>minute(s) are allowed. | |
38 | </I> | |
39 | The problem with this, of course, is it enables denial-of-service | |
40 | attacks: bring on X bots, have them each register their nick, and then | |
41 | nobody can use REGISTER for the next Y minutes. The bots don't even have | |
42 | to stay online, making it harder to track them. | |
43 | ||
44 | ><i>i think an automatic temp ignore for flooding will also help. | |
45 | </I> | |
46 | "Flooding", in the sense of "sending too much data for Services to | |
47 | handle", is unfortunately not that easy to detect--it's largely dependent | |
48 | on how powerful the machine running Services is. Services already has an | |
49 | ignore system (as could have been seen from the log originally posted), but | |
50 | I'm not at all sure of its effectiveness. | |
51 | ||
52 | --Andrew Church | |
53 | <A HREF="http://www.ircservices.za.net/mailman/listinfo/ircservices">achurch at achurch.org</A> | |
54 | <A HREF="http://achurch.org/">http://achurch.org/</A> | |
55 | ||
56 | ||
57 | </PRE> | |
58 | ||
59 | <!--endarticle--> | |
60 | <HR> | |
61 | <P><UL> | |
62 | <!--threads--> | |
63 | <LI>Previous message: <A HREF="004557.html">[IRCServices] Attacks on services | |
64 | </A></li> | |
65 | <LI>Next message: <A HREF="004559.html">[IRCServices] Attacks on services | |
66 | </A></li> | |
67 | <LI> <B>Messages sorted by:</B> | |
68 | <a href="date.html#4558">[ date ]</a> | |
69 | <a href="thread.html#4558">[ thread ]</a> | |
70 | <a href="subject.html#4558">[ subject ]</a> | |
71 | <a href="author.html#4558">[ author ]</a> | |
72 | </LI> | |
73 | </UL> | |
74 | ||
75 | </body></html> |