[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Big searches.

To: "Killian, John (Contractor)" <KillianJ@ncr.disa.mil>
Subject: Re: Big searches.
From: Roel van Meer <rolek@alt001.com>
Date: Thu, 03 May 2001 18:30:15 +0200
Cc: openldap-software@OpenLDAP.org, paul@linvision.com
Organization: Linvision
References: <5610E7389363D411995100204804EE540329904F@rbmail104.chamb.disa.mil>

"Killian, John (Contractor)" wrote:
> 
> > The question I was asking was more about how to get, say 10.000, records
> > out of an ldap db the best possible way: with a single or with multiple
> searches?
> 
> When we allow limits to be set as high as 10,000, do we not run the risk of
> exposing the directory to Denial of Service attacks?

That's a good point. DOS might be overcome by using it only
locally, but it increases the risk of performance loss due to
misconfiguration of something. i think this is the first good
reason for going with the multiple-search approach. Thanks!

Regards,

rolek

--
1A First Alternative rolek@alt001.com    www.alt001.com
Linvision BV         rolek@linvision.com
(www|devel).linvision.com
--

References:
- RE: Big searches.
  - From: "Killian, John (Contractor)" <KillianJ@ncr.disa.mil>

Prev by Date: RE: Big searches.
Next by Date: Re: Using Outlook - new question
Index(es):
- Chronological
- Thread