Andrew Morgan wrote: > On Mon, 21 May 2007, Matthew Schumacher wrote: > >> List, >> >> And this spammer is racking up a zillion processes which is killing my >> machine. I need a way to throttle this somehow where he is only allowed >> one connection per IP at a time, or perhaps a way to ignore them after >> so many invalid passwords. >> >> Anyone know of a way to do this? > > You can use tcp-wrappers to block connections from that IP address > entirely. I believe there are also some solutions to monitor > connections and automatically add IP addresses to the /etc/hosts.deny > file, but I've never used them myself. > > Andy These types of threats are becoming more and more common and in reaction awareness is increasing and more software seems to be implementing mechanisms to cope. I would personally love to see Cyrus implement some sort of connection limit or throttling per IP/network/user. The current process limits do help ensure that one daemon does not make the machine unusable, but does nothing to prevent a DoS attack. -Blake ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
