Let's use Jabber as an example: If I setup my own jabber server and let it flood a jabber user on another server by sending messages with varying sender addresses, how would that user usually be protected, if at all? If the client usually saves at least a few messages per conversation in RAM (as far as I know, every client does that), wouldn't the RAM quickly overflow?
Asked
Active
Viewed 148 times
1 Answers
1
The servers involved usually have DoS protections built into them. The servers have to protect themselves from attack anyway, so they also protect their users. If you're still worried about it, stop reading from the socket while you're processing. You've got a queue-theory problem of being able to ever catch up, but at least you won't run out of memory.
Joe Hildebrand
- 10,354
- 2
- 38
- 48
-
"stop reading from the socket while you're processing"... so that it becomes the server's problem to buffer all messages or start discarding some :D – thejh Mar 31 '13 at 15:51
-
Eventually. The receive TCP buffer fills up, then the sender's buffer fills up, only then do the sender's write calls start blocking. A good server will likely disconnect you after some time in that state. – Joe Hildebrand Mar 31 '13 at 19:35