Chapter 1. IDS essentials 31
second session. If, during the waiting period, an attacker launches attacks
in a loop, a flood of attacks can be received on the connection.
To reduce the risk of denial of service attacks, IDS provides multiple
listener threads (listen_authenticate) to handle connections and imposes
limits on the availability of the listener VP for incomplete connections.
Two new configuration parameters can be used to customize this feature:
LISTEN_TIMEOUT
Sets the incomplete connection time-out period (in seconds). This is the
number of seconds the server waits for the connection. The default value of
the LISTEN_TIMEOUT parameter is 10.
MAX_INCOMPLETE_CONNECTION
You can restrict the number of incomplete requests for the connection using
the MAX_INCOMPLETE_CONNECTION parameter. When the maximum value
is reached, an error message stating that the server might be under a Denial
of Service attack is written to the online message log file. The default value
of the MAX_INCOMPLETE_CONNECTION parameter is 1024.
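An added example (not from this book or from IBM): a shell check that reads the effective LISTEN_TIMEOUT and MAX_INCOMPLETE_CONNECTION values from an onconfig file, falls back to the defaults stated above when a parameter is absent or commented out, and flags values outside ceilings you choose. The function names, the ceilings (30 and 2048), the last-entry-wins rule, and the sample file are assumptions for illustration.

```shell
#!/bin/sh
# Added example: audit the two listener-protection parameters in an onconfig
# file. The defaults (10 and 1024) are the ones the text states.

# effective_param FILE NAME DEFAULT
# Prints the value of the last uncommented "NAME value" line, else DEFAULT.
effective_param() {
    awk -v name="$2" -v def="$3" '
        /^[ \t]*#/ { next }                   # skip comment lines
        $1 == name && $2 != "" { val = $2 }   # assumption: last entry wins
        END { print (val == "" ? def : val) }
    ' "$1"
}

# audit_listener FILE TIMEOUT_CEILING INCOMPLETE_CEILING
# Ceilings are site policy chosen by the caller (hypothetical values below).
# Prints OK or REVIEW per parameter; returns 1 if anything needs review.
audit_listener() {
    file=$1; status=0
    for spec in "LISTEN_TIMEOUT:10:$2" "MAX_INCOMPLETE_CONNECTION:1024:$3"; do
        name=${spec%%:*}; rest=${spec#*:}
        def=${rest%%:*}; ceiling=${rest#*:}
        val=$(effective_param "$file" "$name" "$def")
        case $val in
            ''|*[!0-9]*) echo "REVIEW $name=$val (not a number)"; status=1; continue ;;
        esac
        if [ "$val" -le 0 ] || [ "$val" -gt "$ceiling" ]; then
            echo "REVIEW $name=$val (outside 1..$ceiling)"; status=1
        else
            echo "OK $name=$val"
        fi
    done
    return $status
}

# Constructed sample onconfig fragment (not taken from a real server).
sample=$(mktemp)
cat > "$sample" <<'EOF'
# listener protection
LISTEN_TIMEOUT 300
#MAX_INCOMPLETE_CONNECTION 4096
EOF
audit_listener "$sample" 30 2048 || echo "review needed"
rm -f "$sample"
```

On the constructed sample, the 300-second time-out is flagged against the 30-second ceiling, while the commented-out MAX_INCOMPLETE_CONNECTION line is ignored and the default of 1024 is reported.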
1.3.3 Administration and usability
In this section, we provide a brief overview of the administration and usability
features of IDS V10.
Single User Mode
Single user mode is an intermediate mode between quiescent mode and online
mode. It is an administrator mode that allows only user informix to
connect and perform any required maintenance, including tasks that require
the execution of SQL and DDL statements. You can set this mode using the -j
flag of the oninit and onmode commands. The oninit -j command brings
the server from offline to single user mode, and onmode -j brings the server
from online to single user mode. The server makes an entry in the message
log file whenever it enters and exits single user mode. Figure 1-9 shows
an example of using the onmode command to set single user mode.
Figure 1-9 The onmode -j example