Is your e3000 Environment Secure? Homestead security
page 86April 24, 2003
Is Your Homestead Secure? - Solution Symposium West
Configure sane connection limits
• Attackers can exhaust processor, memory, and disk
resources by making hundreds (or thousands) of
concurrent connections to network services
• Make sure each network service is configured with sane
connection limits
– :NMMGR global TCP and UDP parameters
– :NSCONTROL SERVER=name,min,max
– Apache MaxClients directive
– Samba "max smbd processes" parameter
• Unfortunately no connection limits within INETD