Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
June 29, 2008, 12:01 am
rate this thread
As part of securing my Linux machine, i would like to impose limits on
PSQL database and Apache web server daemons (and others) from
consuming excessive memory, cpu, disk IO and child processes.
Basically i would like to prevent a DOS attack by way of limiting the
amount of memory cpu disk and processes daemons such as Apache and
Preferably i would like to set the limits *external* to the daemon.
For example: the OS itself prevents the daemons from consuming
excessive resources. (e.g. not limiting the amount of child processes
from within Apache)
The security ideology that i am following is, if someone attempts a
buffer overflow that goes wrong, and the PSQL daemon begins to
increase memory consumption, i would not like it to consume all memory
available to my machine (as an example).
AFAIK xinetd is a TCP wrapper daemon that can prevent excessive tcp
connections (processes etc etc) - but i would like to include memory
consumption, disk io as well.
Any thoughts about if this is the correct path to take, how i could
accomplish this ideology, would be greatly appreciated.
Thanks in advance
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security