Hi,
I'm glad that I just finished my "toaster" today, but as I just put it
online a strange problem started: I couldn't send e-mails. Pstree shows
that the maximum number of qmail-smtpd are active, and telnet'ing to port 25
didn't work. Soon, I realized that someone was trying to send a large amount of
spam to my server (chkuser patch works very well btw...), and to do that the
evil spammer opened all the connections that he could until the tcpserver hit
the concurrency limit for incoming connections.
The incident made me think about a way to handle this kind of problem, and
it seems to me that if I could limit the number of connections from a single IP
my server would not suffer this kind of DoS again.
Tcpserver doesn't have this kind of control, right? It can only limit the
maximum number of connections, no matter where they come from. Is there a way
to do that?
--
Christian Lyra
POP-PR - RNP
http://lyra.soueu.com.br
http://wecanstopspam.org
There once was a master programmer who wrote unstructured programs. A novice
programmer, seeking to imitate him, also began to write unstructured
programs. When the novice asked the master to evaluate his progress, the
master criticized him for writing unstructured programs, saying, ``What is
appropriate for the master is not appropriate for the novice. You must
understand the Tao before transcending structure.''
The Tao Of Programming
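
An added example, not part of the original post: a Python sketch that replays `tcpserver -v` log lines to show how many connection slots each remote IP held at once and how often the concurrency limit was reached. The log lines are constructed, and the `hogs` helper with its 50% threshold is a hypothetical illustration.

```python
import re
from collections import Counter

# Constructed sample of `tcpserver -v` output with a concurrency limit of 4.
SAMPLE_LOG = """\
tcpserver: status: 1/4
tcpserver: pid 101 from 198.51.100.7
tcpserver: status: 2/4
tcpserver: pid 102 from 203.0.113.9
tcpserver: status: 3/4
tcpserver: pid 103 from 203.0.113.9
tcpserver: end 101 status 0
tcpserver: status: 2/4
tcpserver: status: 3/4
tcpserver: pid 104 from 203.0.113.9
tcpserver: status: 4/4
tcpserver: pid 105 from 203.0.113.9
"""

PID_FROM = re.compile(r"tcpserver: pid (\d+) from (\S+)")
END = re.compile(r"tcpserver: end (\d+) status")
STATUS = re.compile(r"tcpserver: status: (\d+)/(\d+)")

def replay(lines):
    """Return (peak concurrent connections per IP, times the limit was hit)."""
    live = {}                          # pid -> remote IP of an open connection
    per_ip, peak = Counter(), Counter()
    saturated = 0
    for line in lines:
        if m := PID_FROM.search(line):
            live[m.group(1)] = m.group(2)
            per_ip[m.group(2)] += 1
            peak[m.group(2)] = max(peak[m.group(2)], per_ip[m.group(2)])
        elif m := END.search(line):
            ip = live.pop(m.group(1), None)
            if ip is not None:         # ignore pids started before the log window
                per_ip[ip] -= 1
        elif m := STATUS.search(line):
            saturated += int(m.group(1)) == int(m.group(2))
    return peak, saturated

def hogs(peak, limit, share=0.5):
    """IPs whose peak reached `share` of the limit (threshold is an assumption)."""
    return sorted(ip for ip, n in peak.items() if n >= limit * share)

if __name__ == "__main__":
    peak, saturated = replay(SAMPLE_LOG.splitlines())
    print(dict(peak), "limit hit:", saturated, "hogs:", hogs(peak, limit=4))
```
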