Date: Wed, 07 Apr 1999 18:56:37 +0100 From: Stuart Henderson <stuart@eclipse.net.uk> To: Ryan Mooney <ryan@pcslink.com> Cc: leifn@neland.dk, danny@hilink.com.au, wcooley@nakedape.navi.net, freebsd-isp@FreeBSD.ORG Subject: Re: Web Based Script Message-ID: <370B9C55.A7CE4059@eclipse.net.uk> References: <199904071730.KAA25311@pcslink.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> Yes but "clever hacker"(TM) can run multiple requests > in parrallel for either one which basically renders the > whole delay thing of questionable value. ahhh - if you are running from inetd then POP is better in that respect as you can limit the number of connections per IP address, so that's something I hadn't thought of :) (for anyone too tired to read man pages, add /0/foo after nowait where foo is the limit per IP per minute). in *that* case, then that is something httpd coders might want to think about (only on unauthenticated or bad attempts to login to a password-protected server). still not ideal, because "clever hacker" could be changing the source to any of <insert number of hardware virtual servers on some machine "clever hacker" has owned> IP addresses, but it does make it a bit more tricky for them. as you say, if Joe Luser knew what an ssl client cert was ... :) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?370B9C55.A7CE4059>