Date: Wed, 26 Aug 1998 14:05:01 -0700 (PDT) From: Matt Dillon <dillon@FreeBSD.ORG> To: Brian Somers <brian@Awfulhak.org> Cc: Eivind Eklund <eivind@yes.no>, cvs-committers@FreeBSD.ORG Subject: Re: cvs commit: src/sbin/ping ping.8 ping.c Message-ID: <199808262105.OAA06943@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
:[.....]
:
:I agree. It's pointless anyway, as a user can
:
: while :; do ping blah; done
:
:> Eivind.
It's moot, but I would like to say that it isn't *quite* pointless. We
have had good success making machines near-uncrashable, even with
users (i.e. stolen password IRC hackers) trying to crash one. While
it isn't fullproof, I've found that limiting the number of processes
a user can run to 32 or so solves many of the DOS-from-user-account
issues. Memory starvation attacks are still a big issue, but the list
can be pared down considerably.
-Matt
:--
:Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <brian@OpenBSD.org>
: <http://www.Awfulhak.org>;
:Don't _EVER_ lose your sense of humour....
:
:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808262105.OAA06943>