liuzhe02 / bigbluebutton

Automatically exported from code.google.com/p/bigbluebutton

Deskshare servlet can allow too many connections and cause red5 to get into a loop #1427

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
If a system is attacked by a program connecting to the deskshare port 9123 until the open file limit is exceeded, then an attempt is made to connect to port 5080 (the Red5 tomcat port), then red5 will get into a loop and fill the hard drive.

For now, I recommend that a parameter be created that specifies the maximum number of connections to the deskshare port, with a default value of something like 50.

Also, to avoid a denial of service attack, there should be a time limit on initial activity on the connection.

Otherwise, an attacker could open the connection and send nothing, thereby using up all the connection resources and denying others the chance to connect.

Original issue reported on code.google.com by ritza...@gmail.com on 28 Feb 2013 at 3:49

GoogleCodeExporter commented 9 years ago

Original comment by ffdixon@gmail.com on 1 Mar 2013 at 12:59

GoogleCodeExporter commented 9 years ago
Add a handshake between applet and server. If handshake doesn't occur within a period of time, close the connection.

Original comment by ritza...@gmail.com on 18 Apr 2013 at 6:31
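
The two mitigations proposed in this thread, a cap on concurrent connections and a handshake that must complete within a time limit, shown as an added Java example. It is not BigBlueButton's code; the class name, the `HELLO` token and the 5-second deadline are assumptions for illustration.

```java
import java.io.*;
import java.net.*;
import java.util.Arrays;
import java.util.concurrent.*;

// Added example. The cap, the deadline and the "HELLO" token are assumed
// values for illustration, not BigBlueButton settings or its wire protocol.
public class GuardedListener {
    static final int MAX_CONNECTIONS = 50;         // default suggested in the issue
    static final int HANDSHAKE_TIMEOUT_MS = 5000;  // assumed deadline
    static final byte[] HELLO = {'H', 'E', 'L', 'L', 'O'};

    public static void main(String[] args) throws IOException {
        Semaphore slots = new Semaphore(MAX_CONNECTIONS);
        ExecutorService workers = Executors.newFixedThreadPool(MAX_CONNECTIONS);
        try (ServerSocket server = new ServerSocket(9123)) {
            while (true) {
                Socket client = server.accept();
                if (!slots.tryAcquire()) { client.close(); continue; } // over the cap
                workers.execute(() -> {
                    try (Socket s = client) {
                        if (handshake(s)) { /* pass s to the real protocol handler */ }
                    } catch (IOException e) {
                        // Timed out or broken peer; try-with-resources closes s.
                    } finally {
                        slots.release();
                    }
                });
            }
        }
    }

    // True only if the full token arrives before one overall deadline, so a
    // peer that trickles single bytes cannot extend its stay.
    static boolean handshake(Socket s) throws IOException {
        long deadline = System.nanoTime() + TimeUnit.MILLISECONDS.toNanos(HANDSHAKE_TIMEOUT_MS);
        InputStream in = s.getInputStream();
        byte[] got = new byte[HELLO.length];
        int n = 0;
        while (n < got.length) {
            long leftMs = TimeUnit.NANOSECONDS.toMillis(deadline - System.nanoTime());
            if (leftMs <= 0) return false;
            s.setSoTimeout((int) leftMs);   // read() throws SocketTimeoutException
            int r = in.read(got, n, got.length - n);
            if (r < 0) return false;        // peer closed early
            n += r;
        }
        return Arrays.equals(got, HELLO);
    }
}
```

Because over-cap sockets are closed immediately and idle ones are closed at the deadline, the listener holds at most `MAX_CONNECTIONS` client descriptors at a time, which keeps it clear of the open file limit described in the report.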

GoogleCodeExporter commented 9 years ago

Original comment by ffdixon@gmail.com on 15 Jun 2013 at 10:26