Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
From: Solar Designer <solar () openwall com>
Date: Thu, 12 Jan 2012 04:44:07 +0400

Hi,

FWIW, the approach with per source IP address limits is also used in
ModSecurity's SecReadStateLimit and SecWriteStateLimit directives:

http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecReadStateLimit

SecWriteStateLimit is now being talked about in context of slow read
attacks:

http://blog.spiderlabs.com/2012/01/modsecurity-advanced-topic-of-the-week-mitigation-of-slow-read-denial-of-service-attack.html

Alexander


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]