On 2018-02-14 10:48, Sergi Almacellas Abellana wrote: > In case of flodding, the system can be turned down when the server does > not have enougth capacity to reply all the request. If you get such > attacks, i think it's better to block the correponding ip. Indeed a new > patch have been proposed to improve it: > > https://bugs.tryton.org/issue7110 > > I think this will work better for flooding attacks.
There are many other measures like the size request limitation, the periodical cleaning of the table, the login size limit etc. But this is not enough and it will never be enough. Flooding attack (or DoS) should be fixed at lower level like firewall or even better at the router level. But Tryton provides enough information in the log file to let tools like fail2ban to block such IP. Also it is recommended to put the server behind a proxy which provides all the tools against such attack. DDoS attack is even more difficult to counter because at this level it is a matter of size. You must have a large enough network to absorb the bandwidth the attacker is sending. -- Cédric Krier - B2CK SPRL Email/Jabber: cedric.kr...@b2ck.com Tel: +32 472 54 46 59 Website: http://www.b2ck.com/ -- You received this message because you are subscribed to the Google Groups "tryton-dev" group. To view this discussion on the web visit https://groups.google.com/d/msgid/tryton-dev/20180214100433.GY24410%40kei.
