[Devel] msilo dos

Daniel-Constantin Mierla daniel at voice-system.ro
Mon Sep 11 09:24:37 CEST 2006

On 09/10/06 21:59, Juha Heinanen wrote:
> currently there is no limit how many messages a user can have stored in
> silo table.  this is clearly a big dos security problem that needs to be
> fixed.

yes, some check must be done, indeed. One can use now pike module to 
detect flooding, and there is an expire time for stored messages.

What you proposed cand be done via avp_db_query() from the script. You 
can load the count of stored messages per user in an avp and check it 
directly in the script.


> i suggest to add a module parameter max_message_count or something like
> that.  the downside is that m_store will require two db operations, but
> there is nothing we can do about that.
> comments?
> -- juha
> _______________________________________________
> Devel mailing list
> Devel at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/devel

More information about the Devel mailing list