RE: DoS attack ?
John C Klensin <klensin@jck.com> Thu, 06 December 2001 18:58 UTC
Return-Path: <ietf-irnss-errors@lists.elistx.com>
Received: from ELIST-DAEMON.eListX.com by eListX.com (PMDF V6.0-025 #44856) id
<0GNX00904RD12D@eListX.com> (original mail from klensin@jck.com);
Thu, 06 Dec 2001 13:58:13 -0500 (EST)
Received: from CONVERSION-DAEMON.eListX.com by eListX.com (PMDF V6.0-025
#44856) id <0GNX00901RD02B@eListX.com> for ietf-irnss@elist.lists.elistx.com
(ORCPT ietf-irnss@lists.elistx.com); Thu, 06 Dec 2001 13:58:12 -0500 (EST)
Received: from DIRECTORY-DAEMON.eListX.com by eListX.com (PMDF V6.0-025
#44856) id <0GNX00901RD02A@eListX.com> for ietf-irnss@elist.lists.elistx.com
(ORCPT ietf-irnss@lists.elistx.com); Thu, 06 Dec 2001 13:58:12 -0500 (EST)
Received: from bs.jck.com ([209.187.148.211]) by eListX.com (PMDF V6.0-025
#44856) with ESMTP id <0GNX007AURCZL5@eListX.com> for
ietf-irnss@lists.elistx.com; Thu, 06 Dec 2001 13:58:12 -0500 (EST)
Received: from [209.187.148.217] (helo=P2) by bs.jck.com with esmtp (Exim 3.22
#1) id 16C3f3-000H37-00; Thu, 06 Dec 2001 18:54:21 +0000
Date: Thu, 06 Dec 2001 13:54:20 -0500
From: John C Klensin <klensin@jck.com>
Subject: RE: DoS attack ?
In-reply-to: <7FC3066C236FD511BC5900508BAC86FE4364D0@trestles.internal.realnames.com>
To: Nicolas Popp <nico@realnames.com>, YangWoo Ko <newcat@spsoft.co.kr>
Cc: ietf-irnss@lists.elistx.com
Message-id: <128855563.1007646860@P2>
MIME-version: 1.0
X-Mailer: Mulberry/2.1.1 (Win32)
Content-type: text/plain; charset=us-ascii
Content-transfer-encoding: 7BIT
Content-disposition: inline
References: <7FC3066C236FD511BC5900508BAC86FE4364D0@trestles.inte
rnal.realnames.com>
List-Owner: <mailto:ietf-irnss-help@lists.elistx.com>
List-Post: <mailto:ietf-irnss@lists.elistx.com>
List-Subscribe: <http://lists.elistx.com/ob/adm.pl>,
<mailto:ietf-irnss-request@lists.elistx.com?body=subscribe>
List-Unsubscribe: <http://lists.elistx.com/ob/adm.pl>,
<mailto:ietf-irnss-request@lists.elistx.com?body=unsubscribe>
List-Archive: <http://lists.elistx.com/archives/ietf-irnss>
List-Help: <http://lists.elistx.com/elists/admin.shtml>,
<mailto:ietf-irnss-request@lists.elistx.com?body=help>
List-Id: <ietf-irnss.lists.elistx.com>
--On Thursday, 06 December, 2001 10:09 -0800 Nicolas Popp <nico@realnames.com> wrote: > You can also do what most search engines would. > You return a (small) range of ranked results in the set of > results and your last result is a referral back to you for the > next range in the set...Then you try to detect automated > crawlers that recursively follow the referrals and slow them > down to a halt. > > So, just from that standpoint, it could be useful for the > protocol to support the notion of results set range (query) as > well as referral (response). Brief observations: Yeech. Been there and done that. Does not scale well to VLDBs. Returning of resulted based on sorted ranking doesn't either, unless you retrieve everything (or high-performance record pointers to everything) on the server, sort things out there, and then, for efficiency, return part of it and cache everything else. If you are trying to conserve bandwidth or improve user presentation speed, this works (although it still doesn't scale terribly well). If you are trying to conserve server resources, it is usually bad news. <Incorporate several observations about race conditions and server-based search state here> How would you feel about getting back an randomly-chosen subset of specified maximum size each time, sampled with replacement ? :-) Let's discuss next week. john
- RE: DoS attack ? Patrik Fältström
- Re: DoS attack ? YangWoo Ko
- RE: DoS attack ? Nicolas Popp
- RE: DoS attack ? Nicolas Popp
- RE: DoS attack ? John C Klensin
- RE: DoS attack ? Patrik Fältström
- RE: DoS attack ? John C Klensin
- RE: DoS attack ? Nicolas Popp
- Re: DoS attack ? John C Klensin
- Re: DoS attack ? John C Klensin
- Re: DoS attack ? Eric Brunner-Williams in Portland Maine
- DoS attack ? YangWoo Ko