RE: (PM) Filtering Mail Pings

Chad Scott (chad@txdirect.net)
Wed, 21 Jan 1998 08:13:20 -0600

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Chad Scott: "RE: (PM) Thanks Megazone and goodluck!"
Previous message: Tim Flavin: "Re: (PM) Thanks Megazone and goodluck!"

On Wednesday, January 21, 1998 1:09 AM, Stefan Hudson
[SMTP:hudson@mbay.net] wrote:
> On Tue, Jan 20, 1998 at 09:44:18AM -0600, Mia's Virtual Post Office
wrote:
> > The ComOS needs to have something written into it that detects pings
that
> > come in regular intervals and pops people out the moment it detects it.
> > Then we can tell people when they sign up that pinging the connection
is
> > illegal and if they do it they will be popped out.
>
> Unfortunately, this is simply not practical. There are so many possible
> ways of defeating an idle timer that it is not effectively possible to
> detect all of them. For any possible algorithm that could be used detect
> "idle" ports, there is a way to deliberately defeat it. It would be
> far too complicated a system to implement in a terminal server.
>
> I have considered setting up a machine running tcpdump, and writing some
> software to try to detect "keepalive" connections based on that output
> and other things like mail server logs, but it would be hard to write,
> very CPU intensive, and it still would be trivial to defeat it
> deliberately.

It has been mentioned several times before that Lucent should give ComOS
the ability to filter the data that is passed to the idle-timer routine.
In this way, you have a little more control over what the PM uses to
determine activity.

It would still be trivial to defeat, however.

Chad Scott
Network Operations
Internet Direct, Incorporated

-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.

Next message: Chad Scott: "RE: (PM) Thanks Megazone and goodluck!"
Previous message: Tim Flavin: "Re: (PM) Thanks Megazone and goodluck!"