Date: Thu, 09 Jul 1998 09:46:38 +0800 From: Stephen Hocking-Senior Programmer PGS Tensor Perth <shocking@prth.pgs.com> To: "Daniel O'Connor" <doconnor@gsoft.com.au> Cc: current@FreeBSD.ORG Subject: Re: Rate limit for system calls to prevent denial of service attacks? Message-ID: <199807090146.JAA15831@ariadne.tensor.pgs.com> In-Reply-To: Your message of "Thu, 09 Jul 1998 10:30:23 %2B0930." <199807090100.KAA20575@cain.gsoft.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > Limiting CPU time per process or user is probably not sufficient, > > unless you set it to absurdly small limits. It looks to me like we > > need some sort of *rate limiting* for system calls. Anybody looked > > at this? > Hmm.. a neat idea :) > I think this in conjunction with a decent sized process limit would be quite > useful. Why does this whole discussion remind me of Softway's Fair SHare Scheduler, which was developed for a student environment? Basically, if the machine's under load, it allows you to limit the CPU used by a given group to X%. It was the subject of a couple of Usenix papers in the 80s as I recall. Sheesh, I'm sure BDE's heard of it, being a part of the Sydney Unix Mafia. Stephen To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807090146.JAA15831>