Date: Fri, 18 Feb 2000 10:01:23 -0700
From: Wes Peters <wes@softweyr.com>
To: Lyndon Nerenberg <lyndon@orthanc.ab.ca>
Cc: Mark Murray <mark@grondar.za>, Peter Wemm <peter@netplex.com.au>, current@freebsd.org, committers@freebsd.org
Subject: Re: Crypto progress! (And a Biiiig TODO list)
Message-ID: <38AD7AE3.B4BEB308@softweyr.com>
References: <200002181628.e1IGS9P48266@orthanc.ab.ca>
Lyndon Nerenberg wrote:
>
> >>>>> "Mark" == Mark Murray <mark@grondar.za> writes:
>
>     Mark> o A username may only be checked $number times per
>     Mark> $timeperiod; after that, _all_ answers are silently
>     Mark> converted to "no".
>
> Umm, massive DOS hole. Per username.

If you publish your userlist, you're an idiot. The daemon should also
immediately go into "breakin evasion mode" for all invalid usernames,
answering the requests very slowly.

>     Mark> o Daemon may only be invoked $number times per $timeperiod;
>     Mark> refuses to fork after that.
>
> Another massive DOS hole.

Right, this one doesn't fly.

>     Mark> o Daemon will delay $timeperiod before returning answer.
>
> This is the correct way to deal with (perceived) attacks.

Please, not for a single valid request, or even two. Let's give the
user the opportunity to login, and perhaps to goober their password
once, before screwing them.

>     Mark> ... etc. There are possibilities for DoS attacks, but the
>     Mark> daemon talks only to a Unix Domain Socket, so finding the
>     Mark> perp is easy.
>
> Not if the daemon has shut itself off due to load (#1 or #2 above) and you
> aren't currently logged in to the box.

Sure there is, it's called logging.

--
"Where am I, and what am I doing in this handbasket?"

Wes Peters                                                         Softweyr LLC
wes@softweyr.com                                           http://softweyr.com/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
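The two throttling policies argued over in this message, as an added simulation (example code written for this archive page, not from the thread or from FreeBSD): a per-username check cap that silently turns every answer into "no", beside a delay that only starts after a couple of failures, never hard-locks the user, answers unknown usernames slowly, and logs each refusal with the peer. USERS, WINDOW, MAX_CHECKS, FREE_ATTEMPTS, SLOW and the peer labels are constructed values.

```python
import logging
from collections import defaultdict, deque

# Constructed parameters and toy user database, not from the thread.
USERS = {"alice": "correct-horse"}
WINDOW = 60.0       # seconds of per-username history kept
MAX_CHECKS = 3      # "silent_no": checks allowed per WINDOW before lockout
FREE_ATTEMPTS = 2   # "delay": failures still answered at full speed
SLOW = 5.0          # cap on the delay, and the answer time for unknown users
log = logging.getLogger("authd")


class Throttle:
    """Per-username throttle; policy is "silent_no" or "delay"."""
    def __init__(self, policy):
        assert policy in ("silent_no", "delay")
        self.policy = policy
        self.history = defaultdict(deque)  # username -> event timestamps

    def _recent(self, user, now):
        q = self.history[user]
        while q and now - q[0] > WINDOW:
            q.popleft()
        return len(q)

    def check(self, user, password, now, peer):
        """Answer one request: returns (accepted, seconds to wait before answering)."""
        if user not in USERS:
            # "breakin evasion mode": unknown names are always answered slowly.
            log.warning("unknown user %r from %s", user, peer)
            return False, SLOW
        n = self._recent(user, now)
        if self.policy == "silent_no":
            # Every check counts; past the cap the answer is "no" whatever the
            # password, so anyone who knows the name can lock the real user out.
            self.history[user].append(now)
            if n >= MAX_CHECKS:
                log.warning("%r over check cap, refusing request from %s", user, peer)
                return False, 0.0
            return password == USERS[user], 0.0
        # "delay": only failures count, the first FREE_ATTEMPTS are answered at
        # once, later answers wait longer, and a correct password still succeeds.
        delay = 0.0 if n < FREE_ATTEMPTS else min(SLOW, 2.0 ** (n - FREE_ATTEMPTS))
        if password == USERS[user]:
            return True, delay
        self.history[user].append(now)
        log.warning("bad password for %r from %s, delaying %.1fs", user, peer, delay)
        return False, delay


def lockout_demo(policy):
    # Three bad guesses for alice from one peer, then alice's real login.
    t = Throttle(policy)
    for i in range(MAX_CHECKS):
        t.check("alice", "guess%d" % i, now=float(i), peer="pid 4242")
    return t.check("alice", "correct-horse", now=10.0, peer="pid 1234")
```

Under "silent_no" the demo refuses alice's correct password outright; under "delay" it is accepted after a two-second wait, and the refusals leading up to it are in the log.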