|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: Questions about adding additional connections to a sessionOn Sat, 16 Nov 2002, Julian Satran wrote: > Bill, > > You want to work both without a security envelope and to resist an active > attack... Agreed. > If you keep letting in in your hypothetical attacker time after time then > you certainly have a pretty weak security. > This type of attacks are not uncommon on servers with a limited number of > threads and the can be stopped by blocking the intruder through some other > means (IP address filtering etc.). Just to run with the idea, say the attacker is a hostile process on the initiator? :-) > And regardless of when you declare a connection in session and count it in > the limit - this type of attack will consume some resources if it reaches > your system. Agreed. Take care, Bill
Home Last updated: Sun Nov 17 21:18:54 2002 12032 messages in chronological order |