Hi,

,- - [ Le jeudi 12 février 2004 vers 10:25 knom écrivait: ] - -
|
> Currently the patch works IP based. I write a file for each logged in IP to
> a directory, where I mark the time of the first login.
> Then I count the number of logins during the next xx minutes in that file,
> too.
> If the number exceeds, I show the message to the user, which is in my
> opinion mandatory, because otherwise the user will be confused (but I think
> of showing only the minutes and not the exact time ?!...)
|
`- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Personaly, i would be interested by a patch to limit the frequency by login, and not 
by IP...

What i would like to limit, is customer placing continuous mail check every 30 
seconds...  il would like to limit email check to 5 every 10 minutes...  but it would 
be a limit per login, and not per IP, i have customers connected with 50 computers 
behind a NAT router, so only one IP for at least 50 mailbox...

IP based frequency patch is only usefull against DoS, but honnestly, for a brute force 
DoS, a hacker would probably not use POP3 protocol, except if the DoS is really 
targetting a mail system and not a whole server...

Best regards...
 _
(_'  L'informatique est ma passion, vous la simplifier, mon métier !
,_)téphane Bouvard [antarex AT freenet DOT be] http://www.antarex.be

-- 
  _  _
 |_)(_  Votre propre nom de domaine .be - service de qualité - 25 Euros
o|_)(_ Hosting php4/cgi/mySQL - 100 Euros, pq payer plus ? www.myown.be

Reply via email to