Re: DoS attack from java connections - how to avoid

  • From: Laimutis.Nedzinskas@xxxxxx
  • To: oracle_l <ORACLE-L@xxxxxxxxxxxxx>
  • Date: Tue, 31 Aug 2010 12:28:39 +0300

We have disabled failed login attempts altogether. This is a vector for a DoS
attack.
There are better strategies to deal with the issue.


---------------------------------------------------------------------------------



From: John Hallas <John.Hallas@morrisonsplc.co.uk>
Sent by: oracle-l-bounce@freelists.org
To: oracle_l <ORACLE-L@xxxxxxxxxxxxx>
Date: 2010.08.31 12:07
Subject: DoS attack from java connections - how to avoid
Please respond to: John.Hallas@morrisonsplc.co.uk




We had an application that repeatedly connects to the database via a Java
connection pool fail because the account had become locked.
The application kept on trying, the database did not allow the connection,
and we ended up with thousands of ‘dead’ processes causing the Unix server
to hang as all memory was used up.

The obvious thing to fix in our case was some form of application logic to
recognise that failed connections had been made and stop the repeated
connection attempts.

However, this could also be used in a denial of service attack. What steps
could we take to reduce that risk? The problem as I see it is that the
database has reacted correctly and there is not much more we could do at
the database level. However, I am always open to suggestions.

John

www.jhdba.wordpress.com





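The application-side fix John describes (logic that notices failed connections and stops the repeated attempts), worked through as an added example in Python; this is not code from the thread or from the poster's application. The guard classifies connection errors, backs off on transient ones, and after a permanent one such as a locked account refuses further attempts for a cooldown period, so the pool cannot spawn thousands of doomed server processes. The Oracle error numbers it classifies and the fake databases it connects to are illustrative assumptions.

```python
"""Retry guard for a database connection pool.  Added example, not code
from the thread: it backs off on transient connection failures and stops
retrying entirely after a permanent one (locked account, bad password),
so a pool cannot flood the database with doomed login attempts.  The
error codes and the fake databases below are assumptions for illustration."""
import random
import time


class ConnectError(Exception):
    """A failed connection attempt carrying the server's numeric error code."""

    def __init__(self, code, message):
        super().__init__("ORA-%05d: %s" % (code, message))
        self.code = code


class TrippedError(Exception):
    """Raised without touching the database while the guard is tripped."""


# Assumed classification: the credentials or the account are bad, so each
# further attempt is wasted and only extends the lockout.
NON_RETRYABLE = {1017, 28000}   # invalid username/password; account is locked


class GuardedConnector:
    """Retry budget, exponential backoff with full jitter, and a cooldown
    during which connect() fails fast without reaching the database."""

    def __init__(self, connect_fn, max_attempts=3, base_delay=0.5,
                 max_delay=30.0, cooldown=300.0):
        self.connect_fn, self.max_attempts = connect_fn, max_attempts
        self.base_delay, self.max_delay, self.cooldown = base_delay, max_delay, cooldown
        self.tripped_until = None   # monotonic time until which connect() fails fast
        self.last_error = None
        self.db_attempts = 0        # attempts that actually reached the database

    def is_tripped(self):
        return self.tripped_until is not None and time.monotonic() < self.tripped_until

    def connect(self):
        if self.is_tripped():
            raise TrippedError("failing fast; last error: %s" % self.last_error)
        for attempt in range(self.max_attempts):
            try:
                self.db_attempts += 1
                return self.connect_fn()
            except ConnectError as exc:
                # Permanent failure, or transient budget exhausted: stop hitting
                # the database until the cooldown has elapsed.
                if exc.code in NON_RETRYABLE or attempt == self.max_attempts - 1:
                    self.tripped_until = time.monotonic() + self.cooldown
                    self.last_error = str(exc)
                    raise
                delay = min(self.max_delay, self.base_delay * 2 ** attempt)
                time.sleep(delay * random.random())   # full jitter


def simulate_locked_account(requests=1000):
    """The thread's scenario (constructed): the account is locked and the pool
    tries to serve `requests` requests.  Returns attempts reaching the database
    with the guard versus without it (an unguarded pool makes one per request)."""
    def locked_db():
        raise ConnectError(28000, "the account is locked")

    guard = GuardedConnector(locked_db, base_delay=0.0)
    for _ in range(requests):
        try:
            guard.connect()
        except (ConnectError, TrippedError):
            pass
    return guard.db_attempts, requests


def simulate_transient(failures_before_success, max_attempts=3):
    """Constructed scenario: the listener is down for the first N attempts.
    Returns (outcome, attempts that reached the database)."""
    state = {"failures": 0}

    def flaky_db():
        if state["failures"] < failures_before_success:
            state["failures"] += 1
            raise ConnectError(12541, "TNS:no listener")
        return "connection"

    guard = GuardedConnector(flaky_db, max_attempts=max_attempts, base_delay=0.0)
    try:
        return guard.connect(), guard.db_attempts
    except ConnectError:
        return "gave up", guard.db_attempts
```

With the guard in place, a locked account costs the database exactly one rejected login per cooldown period instead of one per pooled request, and a listener outage is retried a bounded number of times with growing delays before the pool backs off as well. The reply above removes the lockout limit on the database side; the two measures are complementary, since the guard also protects the server from an application that retries for reasons other than a lockout.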



--
//www.freelists.org/webpage/oracle-l

