Socket read / Denial of Service

Hi.

I'm finishing a data server I wrote, and I want to protect it against DoS attacks on socket reading operations.

My server accepts commands by reading them through a BufferedReader readLine().

The problem is that if the client sends a huge amount of data, the Thread handling the connection gives an OutOfMemoryError.

Is there a way to prevent this error? (by somehow restricting the amount of data received by the socket)

Thanks

lmadrigal at 2007-9-26 16:14:55
# 1
The best way to handle the error would be to reprogram the code receiving the data to not store it all in memory. Alternatively, the code in the thread could arbitrarily close the socket connection after hitting a particular upper bound on data size.
DrClap at 2007-7-2 19:40:57
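The upper bound suggested in reply #1, as an added example that is not part of the original thread: a replacement for `readLine()` that stops buffering after a fixed number of characters, so the handler can close the socket instead of running out of memory. The class name, the 1024-character limit and the sample input are assumptions.

```java
import java.io.BufferedReader;
import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;
import java.util.Arrays;

public class BoundedLineReader {
    // Assumed limit: the longest command the protocol legitimately allows.
    static final int MAX_LINE_CHARS = 1024;

    static class LineTooLongException extends IOException {
        LineTooLongException(int max) { super("line exceeds " + max + " characters"); }
    }

    // Reads up to '\n' but never holds more than maxChars in memory.
    // Returns null at end of stream, like BufferedReader.readLine().
    static String readLine(Reader in, int maxChars) throws IOException {
        StringBuilder sb = new StringBuilder();
        int c;
        while ((c = in.read()) != -1) {
            if (c == '\n') {
                int len = sb.length();
                if (len > 0 && sb.charAt(len - 1) == '\r') sb.setLength(len - 1);
                return sb.toString();
            }
            if (sb.length() >= maxChars) throw new LineTooLongException(maxChars);
            sb.append((char) c);
        }
        return sb.length() == 0 ? null : sb.toString();
    }

    public static void main(String[] args) throws IOException {
        // Constructed input: one normal command, then a 5000-character line.
        char[] flood = new char[5000];
        Arrays.fill(flood, 'A');
        String input = "GET key1\r\n" + new String(flood) + "\n";
        // In the server, wrap socket.getInputStream() in an InputStreamReader instead.
        try (BufferedReader in = new BufferedReader(new StringReader(input))) {
            String line;
            while ((line = readLine(in, MAX_LINE_CHARS)) != null) {
                System.out.println("command: " + line);
            }
        } catch (LineTooLongException e) {
            // This is where the handler thread would close the socket.
            System.out.println("dropping client: " + e.getMessage());
        }
    }
}
```

Reading one character at a time is cheap here because the underlying `BufferedReader` still fetches from the socket in blocks; only the per-line accumulation is capped.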
# 2

You could extend your Socket to include a long containing the time at which it was opened. Your InputStream could then be extended to count how many bytes you have received from it. This could be combined to create a rudimentary average that would allow your system to identify a DoS attack on its own and kick the user for doing so. You'll want to be careful when specifying what consists of a DoS attack, of course. :)

Zachary Palmer

bkkj@iup.edu

tvynr at 2007-7-2 19:40:57