So I have a server. People can do simple DOS attacks by just telnetting my server from their machine. This locks up my server for a bit. When it comes back, the server GUI doesn't work, but the server resumes normal activities. The server is a very advanced messaging client with features such as login, register, change password, delete account, change color, mod functions and many other things. What I've found is when people use the DOS attacks (such as telnet), my program throws ConcurrentModificationExceptions all over the place. I have reduced the downtime of the server (initial lockup of attack) during a DOS attack, but it still goes down for a few seconds. I have it set up to where the server just "posts" the messages when it is done. Please note that the people who have sent DOS attacks are testers and that I am not being REALLY hacked, yet. Before I put more time into this project (as I've put a LOT of time into it already), I need to stop these attacks. I was thinking of something like:
This is REALLY bad pseudo code, but you get the idea. Is this the right way to go about blocking DOS attacks? What happens is they stream so much traffic (not through the intended client) that it locks up my server for a few seconds...
EDIT: I would have to accept them first, then check the IP address to see if they have sent x number of packets/messages/etc. in x number of seconds. This is beside the point, because I need to know HOW to do it. This is just a random solution that may work... Anyway, current security, blocking spammers/hackers/etc., is all based on IP addresses.
I partially figured out a solution for this. I added this line inside a try/catch statement:
This ensures that the handshake is started, which means they don't get connected unless they are connected, of course. This no longer locks users or the server out of anything and there is no delay. There is still one problem. With this (I'll post short code), if someone is attacking, the client waits to be connected until the "attack" (telnet or otherwise) is done. So users who are already connected to the server when the "attacks" happen are fine, but others can't connect until the "attack" stops. How to allow other users to connect while being "attacked"?
Yes, the "*" aren't in my real code.
If I could just get "startHandshake()" to time out, I could set that to 3 seconds or so. If the handshake was not initialized, then I could cut off the client. How to do this? Good idea or do you have a better one?
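The two questions in this thread (limiting connections per IP, and making startHandshake() give up after about three seconds) can be handled in one accept loop. The example below is added here and is not the poster's code; it assumes a default SSLServerSocketFactory (keystore configuration is out of scope), and the limit of 5 connections per 10-second window, the class name HandshakeGuardServer and the port 8443 are chosen for illustration. It bounds the handshake with setSoTimeout(), which applies to the blocking reads startHandshake() performs, and it moves the handshake off the accept thread so one stalled connection no longer stops other users from connecting.

```java
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;

/**
 * Added example, not the original poster's code. Assumes an SSL server socket
 * from the default SSLServerSocketFactory (keystore setup via the
 * javax.net.ssl.keyStore system properties is not shown).
 */
public class HandshakeGuardServer {

    private static final int HANDSHAKE_TIMEOUT_MS = 3000;    // the "3 seconds or so" from the thread
    private static final int MAX_CONNECTIONS_PER_WINDOW = 5; // assumption: tune for your own load
    private static final long WINDOW_MS = 10_000;            // assumption: 10-second window

    // One counter per source address. ConcurrentHashMap is safe to update from
    // several threads, unlike the plain collections that throw
    // ConcurrentModificationException under load.
    private final Map<InetAddress, Window> perIp = new ConcurrentHashMap<>();

    // Handshakes run off the accept thread so a stalled client cannot block
    // everyone else from connecting.
    private final ExecutorService handshakePool = Executors.newCachedThreadPool();

    /** Fixed-window counter: connections seen since windowStart. */
    private static final class Window {
        long windowStart;
        int count;
    }

    /** Returns true while this address is still under its connection budget. */
    boolean allow(InetAddress addr, long now) {
        Window w = perIp.computeIfAbsent(addr, k -> new Window());
        synchronized (w) {
            if (now - w.windowStart >= WINDOW_MS) {
                w.windowStart = now;
                w.count = 0;
            }
            return ++w.count <= MAX_CONNECTIONS_PER_WINDOW;
        }
    }

    public void serve(int port) throws IOException {
        ServerSocket server = SSLServerSocketFactory.getDefault().createServerSocket(port);
        while (true) {
            Socket raw = server.accept();            // accept cheaply, decide afterwards
            InetAddress addr = raw.getInetAddress();
            if (!allow(addr, System.currentTimeMillis())) {
                System.err.println("rate limit exceeded, dropping " + addr);
                closeQuietly(raw);
                continue;
            }
            handshakePool.submit(() -> handshakeThenServe((SSLSocket) raw));
        }
    }

    private void handshakeThenServe(SSLSocket s) {
        try {
            // setSoTimeout bounds every blocking read on this socket, including
            // the reads startHandshake performs, so a client that connects and
            // then sends nothing is cut off after HANDSHAKE_TIMEOUT_MS.
            s.setSoTimeout(HANDSHAKE_TIMEOUT_MS);
            s.startHandshake();
            s.setSoTimeout(0);                       // back to blocking for the real session
            // ... hand the handshaken socket to the messaging logic here ...
        } catch (SocketTimeoutException e) {
            System.err.println("handshake timed out for " + s.getInetAddress());
            closeQuietly(s);
        } catch (IOException e) {
            // SSLHandshakeException lands here too: bytes that are not TLS
            // (a raw telnet session, for instance) fail fast and are dropped.
            closeQuietly(s);
        }
    }

    private static void closeQuietly(Socket s) {
        try { s.close(); } catch (IOException ignored) { }
    }

    public static void main(String[] args) throws IOException {
        new HandshakeGuardServer().serve(8443);
    }
}
```

Two caveats worth knowing before relying on this: the perIp map in the example never evicts old addresses, so a long-running server should periodically drop entries whose window has expired, and a per-IP limit only slows down a single misbehaving host, so the handshake timeout and the off-thread handshake are what keep legitimate users connecting while that host is being throttled.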