On Fri, Oct 01, 1999 at 11:39:06AM -0700, Johannes Erdfelt wrote:
> Also, the fact qmail's binaries are so light weight, it would take ALOT
> of connections to effectively do that. They'd probably run out of port
> space on the IP they're attacking from before it really started to
> seriously affect my machine.
>
> But yes, octopus like attacks can be a problem, but for the majority of
> users, it's not a problem. The wasted memory by another daemon running
> is probably more a worry than a DoS attack on a very low profile low
> traffic mail server.
May I refer to a message I posted earlier this week?
Someone forged one of the domains hosted on one of our mailservers
and injected tons of email via a few open relays.
We were hit with all the failure messages coming in at high rate from
thousands (yes really) of remote systems.
With tcpserver I had at least *some* control, with inetd I am rather
sure we'd been lost.
A small, unrecognized, smoothly running system can mutate really fast.
\Maex
--
SpaceNet GmbH | http://www.Space.Net/ | Yeah, yo mama dresses
Research & Development | mailto:[EMAIL PROTECTED] | you funny and you need
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | a mouse to delete files
D-80807 Muenchen | Fax: +49 (89) 32356-299 |
