[zeromq-dev] Message delivery and DoS
Ian Barber
ian.barber at gmail.com
Fri Jun 1 11:53:03 CEST 2012
On Thu, May 31, 2012 at 5:50 PM, Pieter Hintjens <ph at imatix.com> wrote:
> On Thu, May 31, 2012 at 5:52 PM, Garrett Smith <g at rre.tt> wrote:
>
> > Is it possible with 0MQ to ever prevent DoS from attackers flooding a
> > socket with message parts?
>
> One could add black/white listing to the TCP transport. It can be done
> on new connections. it's not robust because you can spoof the IP
> packets. A real DoS protection has to happen at the firewall level.
>
Wasn't there a discussion about a max message size option happening at some
point? So at least you could bound what was sent at a single point? That's
more of a fix for an accidental DoS than a malicious one, but still
helpful.
Ian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.zeromq.org/pipermail/zeromq-dev/attachments/20120601/987e801f/attachment.htm>
More information about the zeromq-dev
mailing list