Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 26 Aug 1998 14:05:01 -0700 (PDT)
From:      Matt Dillon <dillon@FreeBSD.ORG>
To:        Brian Somers <brian@Awfulhak.org>
Cc:        Eivind Eklund <eivind@yes.no>, cvs-committers@FreeBSD.ORG
Subject:   Re: cvs commit: src/sbin/ping ping.8 ping.c 
Message-ID:  <199808262105.OAA06943@freefall.freebsd.org>

next in thread | raw e-mail | index | archive | help
:[.....]
:
:I agree.  It's pointless anyway, as a user can 
:
:  while :; do ping blah; done
:
:> Eivind.

    It's moot, but I would like to say that it isn't *quite* pointless.  We
    have had good success making machines near-uncrashable, even with 
    users (i.e. stolen password IRC hackers) trying to crash one.  While
    it isn't fullproof, I've found that limiting the number of processes
    a user can run to 32 or so solves many of the DOS-from-user-account
    issues.  Memory starvation attacks are still a big issue, but the list
    can be pared down considerably.

						-Matt

:-- 
:Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <brian@OpenBSD.org>
:      <http://www.Awfulhak.org>;
:Don't _EVER_ lose your sense of humour....
:
:




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808262105.OAA06943>