> The latest was a slow loris approach where it takes forever for robots.txt to ... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ronsor 4 months ago \| parent \| context \| favorite \| on: Ban me at the IP level if you don't like me > The latest was a slow loris approach where it takes forever for robots.txt to download. I'd treat this in a client the same way as I do in a server application. If the peer is behaving maliciously or improperly, I silently drop the TCP connection without notifying the other party. They can waste their resources by continuing to send bytes for the next few minutes until their own TCP stack realizes what happens.

conradludgate 4 months ago [–]

How do you silently drop a TCP connection? Closing the socket fd usually results in a FIN packet being sent whether I want it to or not.

Additionally, it's not going to be using that many resources before your kernel sends it a RST next time a data packet is sent

ronsor 4 months ago | [–]

TCP_REPAIR: https://tinselcity.github.io/TCP_Repair/

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact