> On Wednesday 13 April 2005 23:55, Hexren wrote:
>> > Just an idea...
>>
>> > Benjamin Rossen
>>
>> ---------------------------------------------
>>
>> Sounds fun but opens the door for every local user with ssh access to
>> DOS the machine he is on. I am not that fond of the idea.
>
> Not at all. Let us say that a trusted authority were to operate the central
> server. The central server would not authorize a coordinated defensive DOS
> unless there were to be evidence that the cracker had been attacking many
> machines - perhaps the criterion could be framed to trigger a defensive DOS
> only if it were established that the cracker had been attacking many
> disparate machines in different parts of the world.
>
> Who is tracking this kind of thing centrally? No one. When you find that
> someone is trying to get into one of your servers you have no idea of what
> else that individual may be doing. A central trusted authority would know.
>
> Benjamin Rossen

---------------------------------------------

"Central _trusted_ authority" leaves a bitter taste in my mouth... but
then I may be paranoid.

Anyway, if I am a local user on a machine and I have access to an ssh
binary (that is what I meant with "ssh access") and bash, I can churn
out connections with the only limit being my bandwidth and system
limits on the number of processes I can run at one time. But even with
these set to sensible defaults, say 10 processes and 1/10 of site bw, I
am able to "attack many disparate machines in different parts of the
world"; therefore I am able to trigger a _defensive_ DoS against the
machine that I am on.

Regards
Hexren

_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions