14 Dec
2006
14 Dec
'06
12:19 p.m.
Hi Bogdan,
so what can I do if I want to block for 10 minutes the requests coming
from the IP address that excedeed the limit?
thanks for your help,
Stefano
Bogdan-Andrei Iancu ha scritto:
Hi Stefano,
as the docs say:
http://www.openser.org/docs/modules/1.2.x/pike.html#AEN77
the remove_latency is the time interval the node will be kept in
memory for (before being removed). It has nothing to do with the
interval the node is considered red (blocking).
The fact the node stays in memory will lead to a faster "red"
detection as the IP will not be expanded again.
regards,
bogdan
Stefano Capitanio wrote:
Hi,
i want to use pike module to avoid brute-force attack on Register.
are the values of the parameters expressed in seconds?
it seems that there is a problem because i've set:
modparam("pike", "sampling_time_unit", 30)
modparam("pike", "reqs_density_per_unit", 10)
modparam("pike", "remove_latency", 600)
and the routing logic is:
if (method=="REGISTER") {
# Checks brute-force attacks
if (!pike_check_req()) {
sl_send_reply("403", "Too many
attempts!");
break;
};
if (!www_authorize("caspur.it", "subscriber"))
{
www_challenge("caspur.it", "0");
break;
};
save("location");
break;
};
but when I reach the limit it blocks the requests only for less than
1 minute...
where is the mistake?any idea?
thanks,
Stefano
_______________________________________________
Users mailing list
Users(a)openser.org
http://openser.org/cgi-bin/mailman/listinfo/users