[zeromq-dev] Message delivery and DoS
Garrett Smith
g at rre.tt
Thu May 31 17:52:53 CEST 2012
Given that multi-part messages are delivered atomically:
"ØMQ ensures atomic delivery of messages; peers shall receive either
all message parts of a message or none at all."
Is it possible with 0MQ to ever prevent DoS from attackers flooding a
socket with message parts?
I'd like a scheme that I could implement an auth check on a small
payload before reading subsequent payload. E.g.
- Is this message coming from a trusted sender?
- If yes, read the rest (encrypted or otherwise)
- If no, reject subsequent data from sender
In HTTP (or any streaming protocol), e.g. this is straight forward --
e.g. you can check headers before reading body and close the
connection as needed before spending CPU, memory, network IO on that
connection.
Garrett
More information about the zeromq-dev
mailing list