[Users] Pike module

[Bogdan-Andrei Iancu]

Hi Stefano,

as the docs say:
    http://www.openser.org/docs/modules/1.2.x/pike.html#AEN77
the remove_latency is the time interval the node will be kept in memory 
for (before being removed). It has nothing to do with the interval the 
node is considered red (blocking).

The fact the node stays in memory will lead to a faster "red" detection 
as the IP will not be expanded again.

regards,
bogdan

Stefano Capitanio wrote:

> Hi,
>
> i want to use pike module to avoid brute-force attack on Register.
> are the values of the parameters expressed in seconds?
> it seems that there is a problem because i've set:
> modparam("pike", "sampling_time_unit", 30)
> modparam("pike", "reqs_density_per_unit", 10)
> modparam("pike", "remove_latency", 600)
>
> and the routing logic is:
> if (method=="REGISTER") {
>                        # Checks brute-force attacks
>                        if (!pike_check_req()) {
>                                sl_send_reply("403", "Too many 
> attempts!");
>                                break;
>                        };
>                        if (!www_authorize("caspur.it", "subscriber")) {
>                                www_challenge("caspur.it", "0");
>                                break;
>                        };
>                        save("location");
>                        break;
>                };
>
> but when I reach the limit it blocks the requests only for less than 1 
> minute...
> where is the mistake?any idea?
>
> thanks,
> Stefano
>
> _______________________________________________
> Users mailing list
> Users at openser.org
> http://openser.org/cgi-bin/mailman/listinfo/users
>