Email or username:

Password:

Forgot your password?
BrianKrebs's posts Post Back to profile
Top-level
Louis Ingenthron

@briankrebs I thought that DDOS protection shuts down or rate-limits connection attempts after detecting a high volume, right? Does that detection just not work if they requestor also sends cancellation messages?

In other words, after the first 10 or 100 are sent and cancelled, why would the server not just reject any connection attempt from that host?

10 Oct 2023 at 15:04 | Wall-to-wall | Open on qoto.org
2 comments
Yuri Arabadji

@LouisIngenthron because you can't know for sure who's behind the endpoint sending stream resets. It could be a non-malicious user. The vuln is not that bad. Manageable.

10 Oct 2023 at 19:26 | Open on techhub.social
Louis Ingenthron

@cek To the best of my knowledge, everything you just said applies to traditional DDOS attacks too. You can't tell if they're malicious either, but once they go over the limit, you cut them off anyway to play defense. Why does that not apply here?

10 Oct 2023 at 19:44 | Open on qoto.org
Go Up