[JDEV] Filling public server's disk?
Matthias Wimmer
m at tthias.net
Thu Jan 8 11:50:33 CST 2004
Hi Brian, hi David!
Brian Mila schrieb am 2004-01-08 11:13:00:
> > How would you prevent a Registration-DoS? By limiting the
> > total number of allowed registrations per time? That would
> > even make it
> > easier to make a DoS against the server (or at least against new
> > registrations on it).
> You could do registration majordomo-style where it sends a
> confirmation to an email address before the acct is activated.
That is indeed true. I thought about the traditional inband registration
and I see now way to prevent this from DDoS. Sure be changing the
complete procedure there are possibilities.
But even with e-mail confirmation it would be easy to write a bot that
handles the confirmation. I think this style of confirmation is more for
verifying e-mail addresses and that they want to use the (mailing list)
service than for server protection. The schemes where you have to read
the letters on an image and input them, you will make it impossible for
some users (e.g. users without a graphical environment) to register
accounts and as I read in a German computer magazin (c't) some time ago
it is also no problem to automate the reading of these images even if
they are printed on colored backgrounds or not "clean printed".
Tot kijk
Matthias
--
Fon: +49-(0)70 0770 07770 http://matthias.wimmer.name/
HAM: DB1MW xmpp:mawis at charente.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL: <https://www.jabber.org/jdev/attachments/20040108/89646d7b/attachment-0002.pgp>
More information about the JDev
mailing list