Re: (PM) Filtering Mail Pings

Stefan Hudson (hudson@mbay.net)
Tue, 20 Jan 1998 23:08:58 -0800

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tom: "Re: (PM) Class C"
Previous message: Josh Richards: "Re: (PM) Class C"

On Tue, Jan 20, 1998 at 09:44:18AM -0600, Mia's Virtual Post Office wrote:
> The ComOS needs to have something written into it that detects pings that
> come in regular intervals and pops people out the moment it detects it.
> Then we can tell people when they sign up that pinging the connection is
> illegal and if they do it they will be popped out.

Unfortunately, this is simply not practical. There are so many possible
ways of defeating an idle timer that it is not effectively possible to
detect all of them. For any possible algorithm that could be used detect
"idle" ports, there is a way to deliberately defeat it. It would be
far too complicated a system to implement in a terminal server.

I have considered setting up a machine running tcpdump, and writing some
software to try to detect "keepalive" connections based on that output
and other things like mail server logs, but it would be hard to write,
very CPU intensive, and it still would be trivial to defeat it
deliberately.

-- 
     /// Stefan Hudson <hudson@mbay.net>  
__  /// Senior Network Administrator - Monterey Bay Internet
\\\/// http://www.mbay.net/  -  Email: info@mbay.net
 \XX/ Voice: 408-642-6100  Fax: 408-642-6101  Modem: 408-642-6102
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.

Next message: Tom: "Re: (PM) Class C"
Previous message: Josh Richards: "Re: (PM) Class C"