OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   Re: [xml-dev] Re: Can A Web Site Be Reliably Defended Against DoS Attac

[ Lists Home | Date Index | Thread Index ]

this doesn't fix the problem of the initial packets having to be scanned
before you can start rejecting, or the buffered packets up the line
screwing up routers etc

rick

On Thu, 2004-02-05 at 09:02, Oleg Dulin wrote:
> Well, along these lines WordPress, the blog software that I use, 
> prevents comment spam by making sure that users with the same IP can't 
> post more often than every 30 seconds. This makes spambots useless and 
> expensive to run.
> 
> Same can be applied to web application protection, i.e. a single IP 
> cannot make more than N hits/second or something of that sort.
> 
> Of course, this won't work for people who don't have a unique IP, i.e. 
> people behind routers and firewalls.
> 
> Oleg
> 
> Rick Marshall wrote:
> > dos attacks can be managed - there's plenty of ways to do this - a lot
> > of work has gone into linux tcp stacks and netfilter to make the more
> > common attacks manageable. but like all defense systems - you're never
> > quote sure where and how the next attack will come. just as you get the
> > stone walls and moats built someone invents the aeroplane....
> > 
> > if the attack comes as web requests or emails there's not a lot you can
> > do because you need to read part of the message to have any chance of
> > working it out.
> > 
> > if you run a public website (don't we all?) you rely on the community
> > spirit... 
> > 
> > rick
> > 
> > On Thu, 2004-02-05 at 06:56, Bullard, Claude L (Len) wrote:
> > 
> >>Out of the blue... what are the defenses against DoS attacks? 
> >>Are they reliable or proximate?
> >>
> >>It seems to me that when the virusHasADoSAgenda events happen, 
> >>the credibility of the web architecture and the Internet 
> >>architecture for mission critical apps drops dramatically. 
> >>
> >>len
> >>
> >>-----------------------------------------------------------------
> >>The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
> >>initiative of OASIS <http://www.oasis-open.org>
> >>
> >>The list archives are at http://lists.xml.org/archives/xml-dev/
> >>
> >>To subscribe or unsubscribe from this list use the subscription
> >>manager: <http://lists.xml.org/ob/adm.pl>
> >>
> > 
> > 
> > -----------------------------------------------------------------
> > The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
> > initiative of OASIS <http://www.oasis-open.org>
> > 
> > The list archives are at http://lists.xml.org/archives/xml-dev/
> > 
> > To subscribe or unsubscribe from this list use the subscription
> > manager: <http://lists.xml.org/ob/adm.pl>
> > 
> > 
> 
> 
> -----------------------------------------------------------------
> The xml-dev list is sponsored by XML.org <http://www.xml.org>, an
> initiative of OASIS <http://www.oasis-open.org>
> 
> The list archives are at http://lists.xml.org/archives/xml-dev/
> 
> To subscribe or unsubscribe from this list use the subscription
> manager: <http://lists.xml.org/ob/adm.pl>
> 





 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS