Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-16 Thread Nicolas Évrard
* Mathias Behrle [2018-02-16 16:22 +0100]: * Nicolas Évrard: " Re: [tryton-dev] Impact mitigation for DDoS attack" (Wed, 14 Feb 2018 13:55:48 +0100): Hello again, Hello Matthias, * Mathias Behrle [2018-02-14 12:17 +0100]: * Nicolas Évrard: " Re: [tryton-dev] Impact miti

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-16 Thread Mathias Behrle
* Nicolas Évrard: " Re: [tryton-dev] Impact mitigation for DDoS attack" (Wed, 14 Feb 2018 13:55:48 +0100): Hello again, > * Mathias Behrle [2018-02-14 12:17 +0100]: >>* Nicolas Évrard: " Re: [tryton-dev] Impact mitigation for DDoS attack" (Wed, >> 1

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-14 Thread Sergi Almacellas Abellana
El 14/02/18 a les 12:17, Mathias Behrle ha escrit: > I just want to re-throw into the discussion to consider the use of an > in-memory > database like redis for session management. > > https://stackoverflow.com/questions/10278683/how-safe-it-is-to-store-session-with-redis > https://www.digitaloce

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-14 Thread Nicolas Évrard
* Mathias Behrle [2018-02-14 12:17 +0100]: * Nicolas Évrard: " Re: [tryton-dev] Impact mitigation for DDoS attack" (Wed, 14 Feb 2018 10:46:38 +0100): Hi together, Hello, I am still missing a thorough handling of the _several_ _different_ involved issues as proposed

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-14 Thread Cédric Krier
On 2018-02-14 12:17, Mathias Behrle wrote: > I am still missing a thorough handling of the _several_ _different_ involved > issues as proposed in If you have an issue to report, please create it on the bug tracker. -- Cédric Krier - B2CK SPRL Email/Jabber: cedric.kr...@b2ck.com Tel: +32 472 54 4

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-14 Thread Cédric Krier
On 2018-02-14 01:27, Axel Braun wrote: > Am Sonntag, 4. Februar 2018 00:30:05 UTC+1 schrieb Cédric Krier: > > On 2018-02-03 07:48, Axel Braun wrote: > > > Am Montag, 29. Januar 2018 23:25:07 UTC+1 schrieb Cédric Krier: > > > > On 2018-01-29 12:47, Axel Braun wrote: > > > > > I would like to discuss

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-14 Thread Mathias Behrle
* Nicolas Évrard: " Re: [tryton-dev] Impact mitigation for DDoS attack" (Wed, 14 Feb 2018 10:46:38 +0100): Hi together, I am still missing a thorough handling of the _several_ _different_ involved issues as proposed in https://bugs.tryton.org/issue5375 (specifically https://bugs.

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-14 Thread Cédric Krier
On 2018-02-14 10:48, Sergi Almacellas Abellana wrote: > In case of flodding, the system can be turned down when the server does > not have enougth capacity to reply all the request. If you get such > attacks, i think it's better to block the correponding ip. Indeed a new > patch have been proposed

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-14 Thread Nicolas Évrard
* Nicolas Évrard [2018-02-14 10:46 +0100]: Because for me that would be a solution: instead of patching trytond with the really bad patch you're using you could just patch GNU Health (thus not impacting users of trytond) and you're done, this whole issue become void. Another solution would be

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-14 Thread Sergi Almacellas Abellana
El 14/02/18 a les 10:27, Axel Braun ha escrit: > Am Sonntag, 4. Februar 2018 00:30:05 UTC+1 schrieb Cédric Krier: >> On 2018-02-03 07:48, Axel Braun wrote: >>> Am Montag, 29. Januar 2018 23:25:07 UTC+1 schrieb Cédric Krier: On 2018-01-29 12:47, Axel Braun wrote: > I would like to discuss h

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-14 Thread Nicolas Évrard
* Axel Braun [2018-02-14 10:27 +0100]: Am Sonntag, 4. Februar 2018 00:30:05 UTC+1 schrieb Cédric Krier: On 2018-02-03 07:48, Axel Braun wrote: > Am Montag, 29. Januar 2018 23:25:07 UTC+1 schrieb Cédric Krier: > > On 2018-01-29 12:47, Axel Braun wrote: > > > I would like to discuss https://bugs.

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-14 Thread Axel Braun
Am Sonntag, 4. Februar 2018 00:30:05 UTC+1 schrieb Cédric Krier: > On 2018-02-03 07:48, Axel Braun wrote: > > Am Montag, 29. Januar 2018 23:25:07 UTC+1 schrieb Cédric Krier: > > > On 2018-01-29 12:47, Axel Braun wrote: > > > > I would like to discuss https://bugs.tryton.org/issue5375 with all > >

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-03 Thread Cédric Krier
On 2018-02-03 07:48, Axel Braun wrote: > Am Montag, 29. Januar 2018 23:25:07 UTC+1 schrieb Cédric Krier: > > On 2018-01-29 12:47, Axel Braun wrote: > > > I would like to discuss https://bugs.tryton.org/issue5375 with all > > > developers involved. > > > > All developers have already commented on

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-02-03 Thread Axel Braun
Am Montag, 29. Januar 2018 23:25:07 UTC+1 schrieb Cédric Krier: > On 2018-01-29 12:47, Axel Braun wrote: > > I would like to discuss https://bugs.tryton.org/issue5375 with all > > developers involved. > > All developers have already commented on the issue and we all agree that > the proposal is w

Re: [tryton-dev] Impact mitigation for DDoS attack

2018-01-29 Thread Cédric Krier
On 2018-01-29 12:47, Axel Braun wrote: > I would like to discuss https://bugs.tryton.org/issue5375 with all developers > involved. All developers have already commented on the issue and we all agree that the proposal is wrong, solves nothing and weakens the brute force attack protection. > In sh