[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: connection timeout?



At 07:31 AM 2001-10-11, Jure Pecar wrote:
>Run such a shell script against your ldap server. It tries to make a lot
>of connections at once. Now i have a 2.0.15 openldap server compiled with
>FD_SETSIZE=16384 and the same setting for ulimit -n, but the above script
>starts returning "Can't contact LDAP server" before the nuber reaches
>2000.

You are exceeding some critical resource.  The logs should give
some indication as to which.

>If you let it run in a permanent loop, it could be a simple DoS. 

Actually, it's an overly complex DoS attack.  There are much
simpler ones.

Kurt