svn commit: r192463 - head/sys/fs/nfsserver
John Baldwin
jhb at freebsd.org
Fri May 22 17:46:38 UTC 2009
On Friday 22 May 2009 12:19:32 pm Rick Macklem wrote:
>
> On Fri, 22 May 2009, John Baldwin wrote:
>
> >
> > What about a malicious denial-of-service attack where a malicious client
> > initiates an endless stream of connection attempts to force a panic? I
think
> > that is where the concern lies. I'm sure a malicious client could do it
> > intentionally in less than 136 years, perhaps on the order of seconds
and/or
> > minutes? :)
> >
> I think blocking IP#s at some external firewall is going to be the only
> way to survive such an attack, but I suppose it's nice if the server
> doesn't reboot during the attack and just gets really really slow.
Yes, I think that is very reasonable and I wouldn't expect anything more than
that. Thanks.
--
John Baldwin
More information about the svn-src-head
mailing list