Date: Wed, 26 Aug 1998 14:05:01 -0700 (PDT) From: Matt Dillon <dillon@FreeBSD.ORG> To: Brian Somers <brian@Awfulhak.org> Cc: Eivind Eklund <eivind@yes.no>, cvs-committers@FreeBSD.ORG Subject: Re: cvs commit: src/sbin/ping ping.8 ping.c Message-ID: <199808262105.OAA06943@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
:[.....] : :I agree. It's pointless anyway, as a user can : : while :; do ping blah; done : :> Eivind. It's moot, but I would like to say that it isn't *quite* pointless. We have had good success making machines near-uncrashable, even with users (i.e. stolen password IRC hackers) trying to crash one. While it isn't fullproof, I've found that limiting the number of processes a user can run to 32 or so solves many of the DOS-from-user-account issues. Memory starvation attacks are still a big issue, but the list can be pared down considerably. -Matt :-- :Brian <brian@Awfulhak.org>, <brian@FreeBSD.org>, <brian@OpenBSD.org> : <http://www.Awfulhak.org> :Don't _EVER_ lose your sense of humour.... : :
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808262105.OAA06943>