lua-users home
lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]



Am 30.12.2011 09:53 schrieb "Dimiter "malkia" Stanev" <malkia@gmail.com>:
>
> What would happen then, is that such behaviour is detected, and the user is banned (sometimes for very long period)
>

Banning is not an appropriate measure against DOS attacks...
Randomizing strings can be however made on any level IMHO by prefixing strings before storing them. The interning table could still be targeted,  but the GC would take care of the problem at some point.  Btw, if prefixes are used, it could be made random per entry or user or time ... but the prefix length should vary in order to be unpredictable to the byte skipping hashing of Lua.