Dear all,

I would like to discuss https://bugs.tryton.org/issue5375 with all developers involved.

In short, what is it about? In the current implementation of the Tryton Server, each failed login attempt is written to a database table (https://bugs.tryton.org/msg24643). As a consequence, in case of a DDoS attack [1], the backend is flooded with requests, filling the database and exhausting its resources (IO, connection pool, memory, transaction logs, ...), leading to contention and finally bringing the system down. This could be proven with a small script.

In order to mitigate the impact of a DDoS attack, a patch was proposed in the above issue that implements a login timeout similar to the Secure Shell (SSHD): on a failed login attempt, a timeout of 3 seconds (by default) is applied on that session before the next login. It also removes the functionality of writing the failed attempt to the database table, so the IO subsystem on PostgreSQL, FS and network are not impacted in comparison to the server without the patch.

As you can see in the above issue, the patch was not applied. For openSUSE packages, I have applied it anyway, as I feel it makes sense. Now I received the request to remove it again.

So let me know your thoughts about the proposed patch – which of the two proposals has less impact in case of a DDoS attack?

[1] We are not talking about means to prevent a DDoS, e.g. by a proxy configuration or similar.

Thanks
Axel
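The mechanism the thread compares, as an added illustration that is not code from the Tryton project or from the patch in issue5375: a failed login arms a per-session delay held in process memory, and the server refuses to evaluate credentials for that session until the delay has elapsed. Everything below is assumed for the example (the class and function names, opaque string session identifiers, a bounded in-memory map, and an injected clock so the behaviour can be checked without sleeping); only the 3-second default comes from the thread.

```python
"""Session-scoped login throttle (added example, not Tryton code).

Only the timestamp of the last failure per session is kept, in a bounded
LRU map. Nothing is written to a database, so a burst of bad logins costs
a dictionary update per attempt instead of a row insert plus transaction.
"""
import time
from collections import OrderedDict

DEFAULT_DELAY = 3.0             # seconds; the default quoted in the thread
MAX_TRACKED_SESSIONS = 10_000   # assumed cap; keeps memory bounded under a flood


class LoginThrottle:
    def __init__(self, delay=DEFAULT_DELAY, max_sessions=MAX_TRACKED_SESSIONS,
                 clock=time.monotonic):
        self.delay = delay
        self.max_sessions = max_sessions
        self.clock = clock                 # injectable for deterministic tests
        self._last_failure = OrderedDict()  # session_id -> monotonic timestamp

    def remaining_wait(self, session_id):
        """Seconds the session must still wait; 0.0 if it may try now."""
        last = self._last_failure.get(session_id)
        if last is None:
            return 0.0
        return max(0.0, self.delay - (self.clock() - last))

    def record_failure(self, session_id):
        """Arm (or re-arm) the delay and evict the oldest entries if over cap."""
        self._last_failure[session_id] = self.clock()
        self._last_failure.move_to_end(session_id)
        while len(self._last_failure) > self.max_sessions:
            self._last_failure.popitem(last=False)

    def record_success(self, session_id):
        self._last_failure.pop(session_id, None)

    def tracked_sessions(self):
        return len(self._last_failure)


def attempt_login(throttle, session_id, credentials_valid):
    """Return (accepted, wait_seconds).

    credentials_valid is a zero-argument callable doing the real check; it
    is only invoked when the session is outside its delay window. The
    function never sleeps: the caller returns the wait to the client so a
    flood does not pin server worker threads.
    """
    wait = throttle.remaining_wait(session_id)
    if wait > 0:
        return False, wait
    if credentials_valid():
        throttle.record_success(session_id)
        return True, 0.0
    throttle.record_failure(session_id)
    return False, throttle.delay


class FakeClock:
    """Constructed clock so the demo is deterministic and does not sleep."""
    def __init__(self):
        self.now = 1000.0

    def __call__(self):
        return self.now

    def advance(self, seconds):
        self.now += seconds


def demo():
    clock = FakeClock()
    throttle = LoginThrottle(clock=clock)
    # Wrong password: credentials are checked, rejected, and the delay is armed.
    r1 = attempt_login(throttle, "sess-A", lambda: False)
    # Immediate retry on the same session: refused without checking credentials.
    r2 = attempt_login(throttle, "sess-A", lambda: True)
    clock.advance(3.0)
    # After the delay the same session is evaluated again and succeeds.
    r3 = attempt_login(throttle, "sess-A", lambda: True)
    # Constructed burst of failing sessions: tracked state stays at the cap.
    small = LoginThrottle(max_sessions=100, clock=clock)
    for i in range(5000):
        attempt_login(small, f"flood-{i}", lambda: False)
    return r1, r2, r3, small.tracked_sessions()


if __name__ == "__main__":
    print(demo())
```

Two design points matter for the question in the thread. The throttle returns the remaining wait instead of sleeping, so delayed sessions hold no worker thread or database connection, and the state it keeps is a bounded map rather than an append-only table, so resource use no longer grows with the number of failed attempts. What the delay bounds depends on the key chosen for the map; the example keys by session identifier, as the thread describes, and keying by another attribute is a separate decision.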
In short, what is it about? In current implementation of the Tryton Server, each failed login attempt is written to a database table (https://bugs.tryton.org/msg24643) As a consequence, in case of a DDoS attack [1], the backend is flooded with requests, filling the database and exhausting its resources (IO, conn. pool, memory, transaction logs ..), leading to contention and finally bringing the system down. This could be proofed with a small script. In order to mitigate the impact of a DDoS attack, a patch was proposed in above issue that implements a login timeout similar to the Secure Shell (SSHD): On a failed login attempt, the a timeout of 3 seconds (by default) on that session is applied before the next login. It also removes the functionality of writing the failed attempt on the dabasase table, so the IO subsystem on PostgreSQL, FS and network are not impacted in comparison to the server without the patch. As you can see in above issue, the patch was not applied. For openSUSE packages, I have applied it anyway, as I feel it makes sense. Now I received the request to remove it again So let me know your thoughts about the proposed patch – which of the two proposals has less impact in case of a DDoS attack? [1] We are not talking about means to prevent a DdoS, e.g. by a proxy configuration or similar Thanks Axel -- You received this message because you are subscribed to the Google Groups "tryton-dev" group. To view this discussion on the web visit https://groups.google.com/d/msgid/tryton-dev/3166c2c9-58b3-4eec-92ab-136a74d6948c%40googlegroups.com.