[Users] Pike module
Stefano Capitanio
s.capitanio at caspur.it
Thu Dec 14 11:19:28 CET 2006
Hi Bogdan,
so what can I do if I want to block for 10 minutes the requests coming
from the IP address that excedeed the limit?
thanks for your help,
Stefano
Bogdan-Andrei Iancu ha scritto:
> Hi Stefano,
>
> as the docs say:
> http://www.openser.org/docs/modules/1.2.x/pike.html#AEN77
> the remove_latency is the time interval the node will be kept in
> memory for (before being removed). It has nothing to do with the
> interval the node is considered red (blocking).
>
> The fact the node stays in memory will lead to a faster "red"
> detection as the IP will not be expanded again.
>
> regards,
> bogdan
>
> Stefano Capitanio wrote:
>
>> Hi,
>>
>> i want to use pike module to avoid brute-force attack on Register.
>> are the values of the parameters expressed in seconds?
>> it seems that there is a problem because i've set:
>> modparam("pike", "sampling_time_unit", 30)
>> modparam("pike", "reqs_density_per_unit", 10)
>> modparam("pike", "remove_latency", 600)
>>
>> and the routing logic is:
>> if (method=="REGISTER") {
>> # Checks brute-force attacks
>> if (!pike_check_req()) {
>> sl_send_reply("403", "Too many
>> attempts!");
>> break;
>> };
>> if (!www_authorize("caspur.it", "subscriber")) {
>> www_challenge("caspur.it", "0");
>> break;
>> };
>> save("location");
>> break;
>> };
>>
>> but when I reach the limit it blocks the requests only for less than
>> 1 minute...
>> where is the mistake?any idea?
>>
>> thanks,
>> Stefano
>>
>> _______________________________________________
>> Users mailing list
>> Users at openser.org
>> http://openser.org/cgi-bin/mailman/listinfo/users
>>
>
More information about the sr-users
mailing list