The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Prevent DOS attacks using Xinetd directives

Discussion in 'General Discussion' started by sh4ka, Mar 6, 2006.

  1. sh4ka

    sh4ka Well-Known Member

    Joined:
    May 12, 2005
    Messages:
    442
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    US
    cPanel Access Level:
    DataCenter Provider
    Has anyone tried this directives using RH+cPanel servers for the FTP service ? :confused:

    From: http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/security-guide/ch-server.html
    5.1.2.2. Controlling Server Resources

    Another important feature of xinetd is its ability to control the amount of resources which services under its control can utilize.

    It does this by way of the following directives:

    Code:
        *
         cps = <number_of_connections> <wait_period> — Dictates the connections allowed to the service per second. This directive accepts only integer values.
        *
          instances = <number_of_connections> — Dictates the total number of connections allowed to a service. This directive accepts either an integer value or UNLIMITED.
        *
          per_source = <number_of_connections> — Dictates the connections allowed to a service by each host. This directive accepts either an integer value or UNLIMITED.
        *
          rlimit_as = <number[K|M]> — Dictates the amount of memory address space the service can occupy in kilobytes or megabytes. This directive accepts either an integer value or UNLIMITED.
        *
          rlimit_cpu = <number_of_seconds> — Dictates the amount of time in seconds that a service may occupy the CPU. This directive accepts either an integer value or UNLIMITED.
    Using these directives can help prevent any one xinetd service from overwhelming the system, resulting in a denial of service.
     
  2. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Not a great deal of point since just about the only service run through xinetd on cPanel servers is uw-imap. If you've converted to maildir, then there's probably nothing (that should be) using it.
     
Loading...

Share This Page