- From: Jim Gettys <jg@pa.dec.com>
- Date: Mon, 15 Jun 1998 10:31:25 -0700
- To: "J.P. Martin-Flatin" <martin-flatin@epfl.ch>
- Cc: Jim Gettys <jg@pa.dec.com>, http-wg@cuckoo.hpl.hp.com
> Sender: jpmf@tcomhp20.epfl.ch > From: "J.P. Martin-Flatin" <martin-flatin@epfl.ch> > Date: Mon, 15 Jun 1998 19:13:43 +0200 > To: jg@pa.dec.com (Jim Gettys) > Cc: http-wg@cuckoo.hpl.hp.com > Subject: Re: Drawbacks of persistent connections > ----- > On Mon, 15 Jun 1998 09:48:50 -0700, Jim Gettys wrote: > > > > > Section 8.1.1 may come across as slightly biaised, because it lists > > > only advantages of persistent connections. In practice, these are > > > balanced by drawbacks. For instance, if the timeout value of > > > persistent connections is larger than the TCP connection timeout, > > > denial-of-service attacks are more effective: by using up all possible > > > connections, a malicious user can prevent access to a targeted server > > > for a longer period of time. Perhaps a quick mention of this issue > > > would make sense in section 8.1.4 (Practical Considerations)? > > > > The denial of service attack is the same between persistent connections > > and non-persistent connections. I can see no difference between the > > two situations; the attacker does exactly the same thing in either case, > > with the same result. > > Presumably, the timeout of persistent connections will be longer than the > TCP connection timeout (that is, the recommended time to maintain TCP > TIME_WAIT state, generally 4 minutes). So even though the technique used > for the attack is the same, the effect will be amplified in the case of > persistent connections with long timeouts. > No, actually, most of the benefit from persistent connections appears to be in the first 30 seconds to a minute... I don't think many busy servers will likely keep that long a timeout, even with persistent connections. Mogul's research showed that most the value for "click ahead" occurs in the first few minutes, so a reasonable timeout for a busy server (one which will likely have to time out connections at all) is likely shorter than the TCP TIME_WAIT state. As I said, the attack is the same, and the effect is the same... - Jim
Received on Tuesday, 16 June 1998 09:21:55 UTC