Denial of Service Protection

Does Openfire offer any level of protection from DoS attacks?

Here’s why I ask- an experimental client that we have under development went berserk this morning and started sending out 300+ presence messages a minute, alternating between “invisible” and “available”. Within 5-10 minutes Openfire had become unresponsive and had to be bounced (it was running on a dual Xeon with 4GB+ RAM). I would have expected some logic in Openfire to kick any JID that generates this much nonsense traffic… (of course that doesn’t protect the network layer, but there are other methods for that.) Is there a setting that I am missing? Or does this protection not exist?

Note: I did a forum search for “Denial of Service” and “DoS” and got nothing of use- sorry if this post rehashes old ground.

Cheers,

Dan

Hi Dan,

there is no DoS protection in Openfire.

LG

Ah, that is interesting!

Is there any way to implement a flood-protection jid based?

thx

Hi,

you could write a plugin which detects flooding and then takes some action. You may prefer a solution which does this on the IP layer without interaction with the application - for example with a layer 7 switch.

LG