flooding

I'm actually working on a PHP project that will feature a user system (Login,Register,Send lost password to email,..) and I think that this may be very vulnerable to Brute-Force attacks and/or Spam (Send a password to someone's email like 1000 times, etc. use your fantasy) . Do today's webservers (Apache, IIS) have some sort of built-in defense against Brute-Force? What would be the best way to implement an Anti-Spam/Flood system, if I e.g.: want a page not be able to be called more than two times a minute, however another page may be called up to 100 times a minute or so. I would definitely

There are a lot of captchas plugins in Rails and also many types of solutions for preventing spamming and flooding. So it isn't only Rails question. Let's see what types of plugins do we have: 1. Classic image captcha ( zendesk's Captcha , Simple_captcha, Validates_captcha, winton's Captcha , Raptcha). positive: Can be effective to prevent automatic decrypt (not sure about Simple_captcha, but it seems that both zendesk's and winton's captchas don't achieve that, as they use pre-generated images (instead of on-demand), so our possible spam bots can be learned on that images). negative: Require

kernel: possible SYN flooding on port 80. Sending cookies. 以上是系统日志中的信息，可能是遭到SYN洪水攻击（SYN Flood）。 那什么是SYN Flood呢 SYN Flood攻击是一种典型的拒绝服务型（Denial of Service）攻击。所谓拒绝服务型攻击就是通过进行攻击，使受害主机或网络不能够良好的提供服务（就是使服务器不能响应其他的访问请求），从而间接达到攻击的目的。 SYN Flood攻击利用的是IPv4中TCP协议的三次握手（Three-Way Handshake）过程进行的攻击。大家知道协议规定，如果一端想向另一端发起TCP连接，它需要首先发送TCP SYN 包到对方，对方收到后发送一个TCP SYN+ACK包回来，发起方再发送TCP ACK包回去，这样三次握手就结束了。我们把TCP连接的发起方叫作"TCP客户机（TCP Client）"，TCP连接的接收方叫作"TCP服务器（TCP Server）"。值得注意的是在TCP服务器收到TCP SYN request包时，在发送TCP SYN+ACK包回TCP客户机前，TCP服务器要先分配好一个数据区专门服务于这个即将形成的TCP连接。一般把收到SYN包而还未收到ACK包时的连 接状态成为半开连接（Half-open Connection）。 在