Message 24686

Author
pokoli
Date
2016-03-09.13:45:58
Message id
24686

Content

Hi All, 

After carefully reading the whole issue, here is my opinion.

I don't think it's in the scope of trytond to fight against DDoS attacks, so for me there is no issue at all. I want to propose an nginx reverse proxy [1] as another option to fight against DDoS attacks.

About the proposed patch: it does not solve the DDoS attack, as it gives an easier way to brute-force some user's password (explained in msg24650), which will make it easier for the attacker to obtain a valid user/password. Once the user has the valid user/password, they can consume the host resources more quickly, for example by creating invoices, and this will collapse the system more easily.


[1] https://www.nginx.com/blog/mitigating-ddos-attacks-with-nginx-and-nginx-plus/
History
Date | User | Action | Args
2016-03-09 13:45:59 | pokoli | set | messageid: <1457527559.18.0.267635329868.issue5375@tryton.org>
2016-03-09 13:45:59 | pokoli | set | recipients: + ced, bch, yangoon, nicoe, sharkcz, meanmicio, smarro, ajacoutot
2016-03-09 13:45:59 | pokoli | link | issue5375 messages
2016-03-09 13:45:58 | pokoli | create |
