Joseph S. Testa II
2024-Jun-26 11:56 UTC
An Analysis of the DHEat DoS Against SSH in Cloud Environments
On Wed, 2024-06-26 at 04:32 +0200, Thorsten Glaser wrote:> If they get under attack, they?d better do. And if you?re ignoring > a known bottleneck, the results will probably not be very useful? > besides, not everyone is systemd-infested.The primary responsibility falls on system designers to choose reasonable default settings.
Damien Miller
2024-Jun-26 23:27 UTC
An Analysis of the DHEat DoS Against SSH in Cloud Environments
On Wed, 26 Jun 2024, Joseph S. Testa II wrote:> On Wed, 2024-06-26 at 04:32 +0200, Thorsten Glaser wrote: > > If they get under attack, they?d better do. And if you?re ignoring > > a known bottleneck, the results will probably not be very useful? > > besides, not everyone is systemd-infested. > > The primary responsibility falls on system designers to choose > reasonable default settings.give us a set of defaults that prevents extreme-case DoS while not preventing legitimate traffic for busy servers and we'll adopt it.
Chris Rapier
2024-Jun-27 16:55 UTC
An Analysis of the DHEat DoS Against SSH in Cloud Environments
On 6/26/24 7:56 AM, Joseph S. Testa II wrote:> On Wed, 2024-06-26 at 04:32 +0200, Thorsten Glaser wrote: >> If they get under attack, they?d better do. And if you?re ignoring >> a known bottleneck, the results will probably not be very useful? >> besides, not everyone is systemd-infested. > > > The primary responsibility falls on system designers to choose > reasonable default settings.I think it's really important to get this right. The problem, from my perspective, is that a large number of people are going to installing 9.8 via package updates. They're not going to look to closely at what has changed or what they might need to do differently. Sadly, this includes a lot of people that should know better. Just how it is though. If it wasn't that way we wouldn't need something to protect users against their own weak passwords. I think this is a good idea. I'm just concerned about unforeseen impacts.
Seemingly Similar Threads
- An Analysis of the DHEat DoS Against SSH in Cloud Environments
- An Analysis of the DHEat DoS Against SSH in Cloud Environments
- An Analysis of the DHEat DoS Against SSH in Cloud Environments
- An Analysis of the DHEat DoS Against SSH in Cloud Environments
- sftp 'Couldn't execute "bash"' lls error