Subject | Re: [Firebird-Architect] RC4 |
---|---|
Author | Jim Starkey |
Post date | 2010-11-18T16:47:40Z |
On 11/18/2010 11:33 AM, Alex Peshkoff wrote:
>>>> 4. The server decrypts the session key and uses it for subsequent
>>>> communication (RC4 by default)
>>>>
>>>> The server will stop responding to an account after n successive
>>>> failures for an account for progressively increasing time to thwart
>>>> dictionary attacks.
>>>>
>>> Taking into account IPs having too many failures is also useful.
>> Good point, but it doesn't help against a distributed dictionary attack.
> Yes, but taking into account only the username does not help if the attacker
> wants to crack any name, not only a particular one. Certainly, against a
> distributed attack on any users, not one particular, none of this
> helps - but on firebird I prefer to check both logins and IPs. And as a
> last measure - if the total of failed login attempts (for different users,
> from different IPs) becomes too big, I delay all logins (certainly not
> progressively) for some amount of time.
>
I understand the logic, but doesn't that encourage distributed denial of
service attacks? All they have to do is throw a bunch of random
connections and the database shuts down...
I think a better approach would be to start waving red flags at humans
telling them that the system is under attack and let them figure out
what to do.
--
Jim Starkey
Founder, NimbusDB, Inc.
978 526-1376
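The throttling policy the thread describes (progressive per-account delay after n successive failures, a per-IP check, and a flat global delay once total failures get too high) and Jim's denial-of-service objection to it, modelled as an added example. This is illustration code written for this page, not Firebird's or NimbusDB's implementation; the thresholds, the `block`/`alert` mode names, the whole-second timeline and the sample usernames and addresses are all assumptions constructed here. The `distributed_dos` run shows the point Jim makes: throwaway names and source addresses never trip the per-account or per-IP limits, only the global one, which then holds back a legitimate login too.

```python
"""Failed-login throttling as discussed in the thread (added example, not
Firebird code).  One object counts successive failures per account, per
source IP, and in total.  'mode' chooses between refusing service ("block")
and only raising a flag for a human operator ("alert")."""
from collections import defaultdict


class LoginThrottle:
    def __init__(self, max_failures=3, base_delay=1, max_delay=300,
                 global_threshold=100, global_delay=30, mode="block"):
        # Every number here is an illustrative assumption, not a Firebird default.
        # Time is modelled in whole seconds so the arithmetic stays exact.
        self.max_failures = max_failures          # n successive failures before delays start
        self.base_delay = base_delay              # first delay, doubled on each further failure
        self.max_delay = max_delay                # cap on the progressive delay
        self.global_threshold = global_threshold  # total failures that trigger the global delay
        self.global_delay = global_delay          # flat delay applied to all logins (not progressive)
        self.mode = mode                          # "block" refuses service, "alert" only flags
        self.account_fail = defaultdict(int)      # successive failures per account
        self.account_until = defaultdict(int)     # time before which the account is not served
        self.ip_fail = defaultdict(int)
        self.ip_until = defaultdict(int)
        self.total_failures = 0
        self.global_until = 0
        self.alerts = []                          # "red flags" for a human to look at

    def _backoff(self, failures):
        # progressive delay: base * 2^(failures - n), capped at max_delay
        return min(self.base_delay * 2 ** (failures - self.max_failures), self.max_delay)

    def wait_for(self, account, ip, now):
        """Seconds this attempt is held back by the strictest of the three limits."""
        return max(0,
                   self.account_until[account] - now,
                   self.ip_until[ip] - now,
                   self.global_until - now)

    def attempt(self, account, ip, password_ok, now):
        """Process one login attempt at time 'now'.

        Returns (outcome, wait): outcome is "ok", "fail" or "throttled";
        wait is how long the client must wait before it is served again."""
        wait = self.wait_for(account, ip, now)
        if wait > 0 and self.mode == "block":
            return "throttled", wait              # server stops responding; not counted as a failure
        if password_ok:
            self.account_fail[account] = 0        # successive count resets on success
            return "ok", 0
        self._record_failure(account, ip, now)
        return "fail", self.wait_for(account, ip, now)

    def _record_failure(self, account, ip, now):
        self.account_fail[account] += 1
        self.ip_fail[ip] += 1
        self.total_failures += 1
        if self.account_fail[account] >= self.max_failures:
            self.account_until[account] = now + self._backoff(self.account_fail[account])
            self.alerts.append(f"t={now}: {self.account_fail[account]} successive failures for {account}")
        if self.ip_fail[ip] >= self.max_failures:
            self.ip_until[ip] = now + self._backoff(self.ip_fail[ip])
            self.alerts.append(f"t={now}: {self.ip_fail[ip]} failures from {ip}")
        if self.total_failures >= self.global_threshold:
            self.global_until = now + self.global_delay   # last measure: delay every login
            self.alerts.append(f"t={now}: {self.total_failures} failures in total, all logins delayed")


def dictionary_attack_waits(attempts=6):
    """One guesser, one account, one IP, waiting out each imposed delay.
    Returns the delay imposed after each wrong guess (the per-account rule at work)."""
    t = LoginThrottle()
    now, waits = 0, []
    for _ in range(attempts):
        # constructed sample: account name and source address are made up for this example
        _, wait = t.attempt("SYSDBA", "198.51.100.9", password_ok=False, now=now)
        waits.append(wait)
        now += wait or 1          # wait out the delay, or pause one second between guesses
    return waits                  # [0, 0, 1, 2, 4, 8]


def distributed_dos(mode, attackers=60):
    """Jim's objection: random bad logins from many hosts against many names never
    trip the per-account or per-IP limits, only the global one, which then holds
    back a legitimate admin with the correct password."""
    t = LoginThrottle(global_threshold=50, mode=mode)
    for i in range(attackers):
        # constructed sample: one throwaway username and source address per attempt
        t.attempt(f"user{i}", f"10.0.{i // 256}.{i % 256}", password_ok=False, now=0)
    outcome, wait = t.attempt("SYSDBA", "192.0.2.7", password_ok=True, now=1)
    return outcome, wait, len(t.alerts)


if __name__ == "__main__":
    print("per-account backoff:", dictionary_attack_waits())
    print("block mode, legit admin:", distributed_dos("block"))
    print("alert mode, legit admin:", distributed_dos("alert"))
```

In `block` mode the legitimate `SYSDBA` login is refused for the remainder of the global delay; in `alert` mode the same flood is recorded as a series of operator alerts and the login goes through, which is the trade-off Jim is pointing at. A real deployment would also want the per-IP counters to survive across many connection attempts and some form of notification behind `alerts`, neither of which the thread specifies.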