Date: Thu, 12 Jan 2012 04:44:07 +0400 From: Solar Designer <solar@...nwall.com> To: oss-security@...ts.openwall.com Subject: Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Hi, FWIW, the approach with per source IP address limits is also used in ModSecurity's SecReadStateLimit and SecWriteStateLimit directives: http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecReadStateLimit SecWriteStateLimit is now being talked about in context of slow read attacks: http://blog.spiderlabs.com/2012/01/modsecurity-advanced-topic-of-the-week-mitigation-of-slow-read-denial-of-service-attack.html Alexander
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.