Avoiding too many connections at startup (TCP SYN sweep)
Posted: September 14th, 2013, 9:07 am
Hello,
To whom it may concern,
I find it a little bit problematic that SABNZBD is connecting too fast at the beginning.
For example, I have 2 newsservers and each of these servers is having 15 connections, so at the startup of SABNZBD there will be a short moment when he makes 30 connections within one second.
Some firewalls, unfortunately, classify this as an attack coming from the inside, and fire up a false alarm about a TCP SYN HOST SWEEP attack (which, in fact, is no attack at all).
I want to avoid these false alarms, so I need a short delay between starting up of each connection.
I tried to do this myself and can tell you despite I am no python programmer at all (I'm rather a perl programmer) I think I succeeded; but better methods or suggestions how to implement this are, ofcourse, welcome.
What I did is: I changed the file /usr/local/src/SABnzbd-0.7.11/sabnzbd/downloader.py: ( - yes - I am a Linux user!)
I changed following lines:
by adding a time.sleep - into:
So, whenever SABNZBD initiates a connection, he sleeps for 2 seconds. Thus it takes 60 seconds to connect to all 30 connections, but I think it's worth the trouble.
I just want to avoid unneccessary trouble from paranoid persons.
Is my solution correct? What do you think? Anything else that could be done about this issue?
To whom it may concern,
I find it a little bit problematic that SABNZBD is connecting too fast at the beginning.
For example, I have 2 newsservers and each of these servers is having 15 connections, so at the startup of SABNZBD there will be a short moment when he makes 30 connections within one second.
Some firewalls, unfortunately, classify this as an attack coming from the inside, and fire up a false alarm about a TCP SYN HOST SWEEP attack (which, in fact, is no attack at all).
I want to avoid these false alarms, so I need a short delay between starting up of each connection.
I tried to do this myself and can tell you despite I am no python programmer at all (I'm rather a perl programmer) I think I succeeded; but better methods or suggestions how to implement this are, ofcourse, welcome.
What I did is: I changed the file /usr/local/src/SABnzbd-0.7.11/sabnzbd/downloader.py: ( - yes - I am a Linux user!)
I changed following lines:
Code: Select all
try:
logging.info("%s@%s:%s: Initiating connection",
nw.thrdnum, server.host, server.port)
nw.init_connect(self.write_fds)
Code: Select all
try:
logging.info("%s@%s:%s: Initiating connection",
nw.thrdnum, server.host, server.port)
time.sleep(2)
nw.init_connect(self.write_fds)
I just want to avoid unneccessary trouble from paranoid persons.
Is my solution correct? What do you think? Anything else that could be done about this issue?