@hikhvar @briankrebs Just rate-limiting the number...

@hikhvar @briankrebs Just rate-limiting the number of connections per IP should work regardless if on a WebProxy, Chaching Server or Network (Security) Appliance...

OFC those rate limits could be self-resetting/soft to quickly ban any attempted DoS attacks...

Jist like one could traffic-shape per IP Adress...

Like 10 Oct 2023 at 21:50 | Wall-to-wall | Open on mstdn.social

2 comments

Christoph Petrausch

@kkarhan @briankrebs no, rate limiting connections will not help here. The request cancelation happens within the same TCP connection.

11 Oct 2023 at 1:58 | Open on norden.social

Kevin Karhan :verified:

@hikhvar @briankrebs Worst-case limiting over time, number of packets and bandwith would be an option...

This should throttle down attackers...

11 Oct 2023 at 9:54 | Open on mstdn.social

Go Up