[Seaside] Combating a possible DoS attack.
Randal L. Schwartz
merlyn at stonehenge.com
Fri Jan 11 21:11:09 UTC 2008
>>>>> "Nevin" == Nevin Pratt <nevin at bountifulbaby.com> writes:
Nevin> The following code, if inserted into the initial Seaside processing, I
Nevin> would think *should* help guard against a DoS attack. In this example,
Nevin> 'MemCheckCounter' is a class variable. I thought I would post this to
Nevin> see what comments (if any) it generates.
Well, you're trading one kind of DoS for another. Now someone can
pound on you, and trigger you to reset every continuation, and ruin
everyone's day anyway.
What you need is a bit more smarts... someone coming in from the same
IP for example... a bit harder to fake.
--
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn at stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!
More information about the seaside
mailing list