Denial of service attack?

Hi there,

Every once in a while we are getting an enormous number of connections coming from a single IP address. This is causing the server to start failing because the maximum number of files has been reached. Is there anything we can set up in the wildfire config to only allow a maximum number of simultaneous connections as described in http://www.xmpp.org/extensions/xep-0205.html#attacks

Thanks!

Ben

Hi,

Wildfire does not support this, but maybe you have an iptables firewall which would like to do the job for you:

iptables -I INPUT -p tcp --dport 5222 -i eth0 -m state --state NEW -m recent --set
iptables -I INPUT -p tcp --dport 5222 -i eth0 -m state --state NEW -m recent --update --seconds 60 --hitcount 4 -j DROP

LG

reference: http://www.debian-administration.org/articles/187
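
The two rules from the reply above, as an added example that is not part of the original posts: a simplified Python model of the `recent` match, run over constructed connection timestamps, showing which new connections to port 5222 each source gets through. It assumes every event is a NEW packet on eth0, ignores the size limit of the recent list, and uses made-up addresses from the documentation ranges; the function names are hypothetical.

```python
from collections import defaultdict


def apply_recent_rules(events, seconds=60, hitcount=4):
    """Return (time, ip, verdict) for each NEW packet to port 5222.

    events: (time_in_seconds, source_ip) tuples in chronological order.
    "PASS" means the packet continues down the INPUT chain, not that it
    is accepted outright.
    """
    stamps = defaultdict(list)  # per-source timestamps held in the recent list
    results = []
    for now, ip in events:
        # The --update rule is evaluated first: both commands use -I, so the
        # rule inserted last sits at the top of the chain.
        hits = sum(1 for t in stamps[ip] if now - t <= seconds)
        verdict = "DROP" if hits >= hitcount else "PASS"
        # On DROP, --update records the packet itself, so a source that keeps
        # retrying keeps its own block alive. On PASS, the --set rule that
        # follows records it instead. Either way a timestamp is stored.
        stamps[ip].append(now)
        results.append((now, ip, verdict))
    return results


def sample_events():
    """Constructed traffic: one flooding source and one ordinary client."""
    flood = [(t, "203.0.113.7") for t in range(0, 130, 10)]
    flood.append((200, "203.0.113.7"))  # comes back after 80 s of silence
    normal = [(t, "198.51.100.20") for t in (0, 100, 250)]
    return sorted(flood + normal)


def verdicts_for(ip, results):
    """Verdicts for one source, in chronological order."""
    return [v for _, src, v in results if src == ip]


if __name__ == "__main__":
    for now, ip, verdict in apply_recent_rules(sample_events()):
        print(f"t={now:>3}s  {ip:<14} {verdict}")
```

In this model the rules cap how fast one source can open new connections (four per 60 seconds here); they do not count how many connections that source already holds open.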