[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: connection timeout?

To: Jure Pecar <Jure.Pecar@select-tech.si>
Subject: Re: connection timeout?
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
Date: Thu, 11 Oct 2001 18:21:30 -0700
Cc: openldap-software@OpenLDAP.org
In-reply-to: <200110111431.f9BEVRQ26252@stsrv.select-tech.si>
References: <5.1.0.14.0.20011010200743.016ae6b8@127.0.0.1> <5.1.0.14.0.20011009135401.01688d68@127.0.0.1> <200110081634.f98GYhQ14074@stsrv.select-tech.si> <5.1.0.14.0.20011009135401.01688d68@127.0.0.1> <5.1.0.14.0.20011010200743.016ae6b8@127.0.0.1>

At 07:31 AM 2001-10-11, Jure Pecar wrote:
>Run such a shell script against your ldap server. It tries to make a lot
>of connections at once. Now i have a 2.0.15 openldap server compiled with
>FD_SETSIZE=16384 and the same setting for ulimit -n, but the above script
>starts returning "Can't contact LDAP server" before the nuber reaches
>2000.

You are exceeding some critical resource.  The logs should give
some indication as to which.

>If you let it run in a permanent loop, it could be a simple DoS. 

Actually, it's an overly complex DoS attack.  There are much
simpler ones.

Kurt

References:
- Re: connection timeout?
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- Re: connection timeout?
  - From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
- connection timeout?
  - From: Jure Pecar <Jure.Pecar@select-tech.si>
- Re: connection timeout?
  - From: Jure Pecar <Jure.Pecar@select-tech.si>

Prev by Date: --disable-rlookups?
Next by Date: Re: memory leak in OpenLDAP2.0.15 on Solaris 2.8
Index(es):
- Chronological
- Thread