Thanks for your suggestions! I will have a look at these mediators and how I could use them. But isn't the DoS attack only shifted to the Synapse mediator then?
Regards
Simon

On Sun, 2009-03-22 at 22:23 +0530, Ruwan Linton wrote:
> Interesting, this can be done with Synapse and one suggestion;
>
> You could use the throttle mediator and/or cache mediator to prevent the
> actual web service with the DoS attacks, by throttling the access to the web
> service using the throttle mediator and you could use the cache mediator to
> serve from the cache for equivalent messages within the Synapse layer itself
> without hitting the actual service. (Cache mediator is going to work iff the
> service response completely depends on the request message and not with any
> other parameters like time and so on)
>
> This might also be a good way of preventing the actual service.
>
> Thanks,
> Ruwan
>
> On Sun, Mar 22, 2009 at 9:12 PM, Simon Echle <[email protected]> wrote:
>
> > > Interestingly, even Axis2 itself is not immune. See [1] for an issue
> > > that has been discovered yesterday.
> > >
> > > Is your project/thesis more focused on detecting security issues and
> > > fixing them or on protecting existing Web services with potentially
> > > known security issues?
> > >
> > > Andreas
> > >
> > > [1] https://issues.apache.org/jira/browse/AXIS2-4279
> >
> > Hi,
> >
> > it is definitely more focused on protecting existing Web services
> > against known attacks. Nevertheless one interesting part is how to
> > handle new upcoming attacks and again the solution of securing the
> > application layer outside the application (with Synapse in my case)
> > comes up with some obvious advantages, like you do not have to change or
> > know a single line of code of the service.
> >
> > Simon
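
A small model of the throttle-then-cache arrangement discussed in this thread, added here as an example; it is not Synapse code and not part of the original messages. The class, its parameters and the sample request bodies are hypothetical, and "equivalent messages" is simplified to byte-identical request bodies.

```python
import hashlib
import time
from collections import deque


class ThrottlingCachingProxy:
    """Toy mediation layer: throttle per client, then cache, then call the service."""

    def __init__(self, service, max_requests, window_s, cache_ttl_s, clock=time.monotonic):
        self.service = service
        self.max_requests = max_requests
        self.window_s = window_s
        self.cache_ttl_s = cache_ttl_s
        self.clock = clock
        self.recent = {}        # client id -> timestamps of accepted requests
        self.cache = {}         # request digest -> (expiry time, response)
        self.service_calls = 0  # how often the protected service was reached

    def handle(self, client, body):
        now = self.clock()
        stamps = self.recent.setdefault(client, deque())
        while stamps and now - stamps[0] >= self.window_s:
            stamps.popleft()                      # forget requests outside the window
        if len(stamps) >= self.max_requests:
            return "rejected", None               # throttled: service and cache untouched
        stamps.append(now)
        # Simplification: "equivalent" here means byte-identical request bodies.
        key = hashlib.sha256(body).hexdigest()
        entry = self.cache.get(key)
        if entry and entry[0] > now:
            return "cache", entry[1]
        self.service_calls += 1
        response = self.service(body)
        self.cache[key] = (now + self.cache_ttl_s, response)
        return "service", response


def run_demo():
    now = [0.0]                                   # constructed clock, advanced by hand
    proxy = ThrottlingCachingProxy(lambda b: b.upper(), 3, 1.0, 5.0, clock=lambda: now[0])
    burst = [proxy.handle("client-a", b"<q>ibm</q>")[0] for _ in range(5)]
    # A service whose answer depends on time: the cache returns a stale value.
    timed = ThrottlingCachingProxy(lambda b: now[0], 3, 1.0, 5.0, clock=lambda: now[0])
    first = timed.handle("client-a", b"<time/>")[1]
    now[0] = 2.0
    stale = timed.handle("client-a", b"<time/>")[1]
    return burst, proxy.service_calls, first, stale


if __name__ == "__main__":
    print(run_demo())
```

In the burst of five identical requests the service is reached once, two are answered from the cache and two are rejected; the time-dependent service shows the caveat about caching, since the second answer is still the value from time 0.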
