[Psi-Devel] account registration @ jabber.org
stpeter at stpeter.im
Tue Nov 27 18:20:52 PST 2007
On Wed, Nov 28, 2007 at 05:06:54AM +0300, Michail Pishchagin wrote:
> On 28.11.2007, at 3:01, Peter Saint-Andre wrote:
> > The problem is that currently jabber.org is set up to time out
> > unauthenticated streams very quickly (I can't log in with telnet
> > anymore, either).
> > If you wonderful Psi folks think this is a problem with jabber.org I
> > can
> > modify the ejabberd configuration there. But it would be nice if Psi
> > could handle the short timeout, as Gajim does.
> That seems to be done to prevent DDoS attacks that eat all the
> available sockets on the server. Psi seems to be keeping one
> connection from the time it gets the registration time till the time
> it submits the actual registration data.
> So probably it wouldn't be very wise to disable this timeout option.
Right, it's hard to balance security against usability, but that's why
we server admins get paid the big bucks! ;-)
More information about the Psi-Devel