From owner-freebsd-current Fri Feb 18 8:55:40 2000 Delivered-To: freebsd-current@freebsd.org Received: from ind.alcatel.com (postal.xylan.com [208.8.0.248]) by hub.freebsd.org (Postfix) with ESMTP id C679637B9E1; Fri, 18 Feb 2000 08:55:33 -0800 (PST) (envelope-from wes@softweyr.com) Received: from mailhub.xylan.com (mailhub [198.206.181.70]) by ind.alcatel.com (8.9.3+Sun/8.9.1 (ind.alcatel.com 3.0 [OUT])) with SMTP id IAA22416; Fri, 18 Feb 2000 08:54:49 -0800 (PST) X-Origination-Site: Received: from omni.xylan.com by mailhub.xylan.com (SMI-8.6/SMI-SVR4 (mailhub 2.1 [HUB])) id IAA01047; Fri, 18 Feb 2000 08:54:49 -0800 Received: from softweyr.com (homer.softweyr.com [204.68.178.39]) by omni.xylan.com (8.9.3+Sun/8.9.1 (Xylan engr [SPOOL])) with ESMTP id IAA22477; Fri, 18 Feb 2000 08:54:41 -0800 (PST) Message-ID: <38AD7AE3.B4BEB308@softweyr.com> Date: Fri, 18 Feb 2000 10:01:23 -0700 From: Wes Peters Organization: Softweyr LLC X-Mailer: Mozilla 4.7 [en] (X11; U; FreeBSD 3.3-RELEASE i386) X-Accept-Language: en MIME-Version: 1.0 To: Lyndon Nerenberg Cc: Mark Murray , Peter Wemm , current@freebsd.org, committers@freebsd.org Subject: Re: Crypto progress! (And a Biiiig TODO list) References: <200002181628.e1IGS9P48266@orthanc.ab.ca> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Lyndon Nerenberg wrote: > > >>>>> "Mark" == Mark Murray writes: > > Mark> o A username may only be checked $number times per > Mark> $timeperiod; after that, _all_ answers are silently > Mark> converted to "no". > > Umm, massive DOS hole. Per username. If you publish your userlist, you're an idiot. The daemon should also immediately go into "breakin evasion mode" for all invalid usernames, answering the requests very slowly. > Mark> o Daemon may only be invoked $number times per $timeperiod; > Mark> refuses to fork after that. > > Another massive DOS hole. Right, this one doesn't fly. > Mark> o Daemon will delay $timeperiod before returning answer. > > This is the correct way to deal with (perceived) attacks. Please, not for a single valid request, or even two. Let's give the user the opportunity to login, and perhaps to goober their password once, before screwing them. > Mark> ... etc. There are possibilities for DoS attacks, but the > Mark> daemon talks only to a Unix Domain Socket, so finding the > Mark> perp is easy. > > Not if the daemon has shut itself off due to load (#1 or #2 above) and you > aren't currently logged in to the box. Sure there is, it's called logging. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC wes@softweyr.com http://softweyr.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message