- From: Jim Gettys <jg@pa.dec.com>
- Date: Mon, 15 Jun 1998 09:48:50 -0700
- To: "J.P. Martin-Flatin" <martin-flatin@epfl.ch>
- Cc: http-wg@cuckoo.hpl.hp.com
> Sender: jpmf@tcomhp20.epfl.ch > From: "J.P. Martin-Flatin" <martin-flatin@epfl.ch> > Resent-From: http-wg@hplb.hpl.hp.com > Date: Mon, 15 Jun 1998 01:44:25 +0200 > To: http-wg@cuckoo.hpl.hp.com > Cc: martin-flatin@epfl.ch > Subject: Drawbacks of persistent connections > ----- > Section 8.1.1 may come across as slightly biaised, because it lists only > advantages of persistent connections. In practice, these are balanced by > drawbacks. For instance, if the timeout value of persistent connections is > larger than the TCP connection timeout, denial-of-service attacks are more > effective: by using up all possible connections, a malicious user can > prevent access to a targeted server for a longer period of time. Perhaps a > quick mention of this issue would make sense in section 8.1.4 (Practical > Considerations)? > The denial of service attack is the same between persistent connections and non-persistent connections. I can see no difference between the two situations; the attacker does exactly the same thing in either case, with the same result. In general, denial of service attacks are very difficult to deal with. - Jim
Received on Tuesday, 16 June 1998 09:23:03 UTC