oss-sec mailing list archives
Re: speaking of DoS, openssh and dropbear (CVE-2006-1206)
From: Solar Designer <solar () openwall com>
Date: Thu, 12 Jan 2012 04:44:07 +0400
Hi, FWIW, the approach with per source IP address limits is also used in ModSecurity's SecReadStateLimit and SecWriteStateLimit directives: http://sourceforge.net/apps/mediawiki/mod-security/index.php?title=Reference_Manual#SecReadStateLimit SecWriteStateLimit is now being talked about in context of slow read attacks: http://blog.spiderlabs.com/2012/01/modsecurity-advanced-topic-of-the-week-mitigation-of-slow-read-denial-of-service-attack.html Alexander
Current thread:
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206), (continued)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Mike O'Connor (Jan 01)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Solar Designer (Jan 01)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Kurt Seifried (Jan 01)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Eitan Adler (Jan 01)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Kurt Seifried (Jan 02)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Nico Golde (Jan 02)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Solar Designer (Jan 02)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Nico Golde (Jan 03)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Mike O'Connor (Jan 01)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Solar Designer (Jan 03)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Kurt Seifried (Jan 03)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Solar Designer (Jan 11)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) David Hicks (Jan 05)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) The Fungi (Jan 05)
- Re: speaking of DoS, openssh and dropbear (CVE-2006-1206) Kurt Seifried (Jan 05)