[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Big searches.

To: Roel van Meer <rolek@alt001.com>, "Killian, John (Contractor)" <KillianJ@ncr.disa.mil>
Subject: Re: Big searches.
From: Andrew Tristan <atristan@acacia.ucr.edu>
Date: Thu, 3 May 2001 10:25:36 -0700 (PDT)
Cc: openldap-software@OpenLDAP.org
In-reply-to: Roel van Meer <rolek@alt001.com> "Re: Big searches." (May 3, 6:30pm)

You can always use tcp wrappers to allow only a handful of hosts to
connect to your ldap server.
A

-- On May 3,  6:30pm, Roel van Meer wrote:
> Subject: Re: Big searches.
> "Killian, John (Contractor)" wrote:
> > 
> > > The question I was asking was more about how to get, say 10.000, records
> > > out of an ldap db the best possible way: with a single or with multiple
> > searches?
> > 
> > When we allow limits to be set as high as 10,000, do we not run the risk of
> > exposing the directory to Denial of Service attacks?
> 
> That's a good point. DOS might be overcome by using it only
> locally, but it increases the risk of performance loss due to
> misconfiguration of something. i think this is the first good
> reason for going with the multiple-search approach. Thanks!
> 
> Regards,
> 
> rolek
> 
> --
> 1A First Alternative rolek@alt001.com    www.alt001.com
> Linvision BV         rolek@linvision.com
> (www|devel).linvision.com
> --
-- End of excerpt from Roel van Meer --



-- 
andrew.tristan@ucr.edu          Unix Systems Group, UC Riverside

Prev by Date: Re: Using Outlook - new question
Next by Date: I have it running. Now what...
Index(es):
- Chronological
- Thread