Gonzalo Arana wrote:
> Hi,
> Keeping a whitelist up to date is rather tricky.
> How about having any/all of these directives?
>
> # time between accept(2) call and the full request has been read.
> RequestTimeout 1
> # minimum bandwidth the user should have available to access this server.
> MinInRate 2KB/s
> MinOutRate 3KB/s

That'll completely exclude people on slow connections!
But it's something you could implement in a bandwidth-management
module.

> One extra note: it would be good to let these Min{In,Out}Rate be
> overridden for large files (audio/video files, for instance).

You don't have anything as specific as a file in a slowloris-type
attack. You appear to be envisaging something much closer to
various (existing, third-party) bandwidth-management modules.
--
Nick Kew
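
The trade-off discussed in this thread, as an added example that is not part of either poster's message: a small Python model of the proposed `RequestTimeout` and `MinInRate` checks applied to constructed clients. The directive semantics, the `Client` fields and every sample rate and size are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

KB = 1024

@dataclass
class Client:               # constructed sample clients, not measured data
    name: str
    rate: float             # sustained inbound rate seen by the server, bytes/s
    request_bytes: int      # size of the full request
    completes: bool = True  # False: the request is never finished

def time_to_read(c: Client) -> Optional[float]:
    """Seconds from accept(2) until the full request is read; None if never."""
    return c.request_bytes / c.rate if c.completes else None

def evaluate(c: Client, request_timeout: Optional[float] = None,
             min_in_rate: Optional[float] = None) -> str:
    """Name the proposed directive that would drop the client (assumed semantics)."""
    if min_in_rate is not None and c.rate < min_in_rate:
        return "MinInRate"
    t = time_to_read(c)
    if request_timeout is not None and (t is None or t > request_timeout):
        return "RequestTimeout"
    return "served" if t is not None else "held open"

CLIENTS = [
    Client("broadband GET", 100 * KB, 600),
    Client("slow link GET", 1.5 * KB, 600),
    Client("slow link 4 KB POST", 1.5 * KB, 4 * KB),
    Client("never-completing request", 10, 600, completes=False),
]

def report(**policy):
    """Verdict per constructed client under the given policy."""
    return {c.name: evaluate(c, **policy) for c in CLIENTS}

if __name__ == "__main__":
    for label, policy in [("no limits", {}),
                          ("RequestTimeout 1", {"request_timeout": 1}),
                          ("MinInRate 2KB/s", {"min_in_rate": 2 * KB})]:
        print(label, report(**policy))
```

In this model the rate floor drops both slow-link clients along with the never-completing request, while the timeout alone still serves the small request from the slow link.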