(Or: Fighting denial-of-service for fun and profit.)
For fun:
I want to run a BBS on an old 386 machine, but exposing it to the Internet via Telnet will turn any drive-by portscan into a potential DoS (not DOS).
I'm sure we've all been there. Right?
For profit:
Someone realises that throwing hundreds of thousands of TLS handshakes per second at us is worth it, and I don't have more CPU to throw at the problem.
That's what we get for placing ourselves in the line of fire, I guess?
Dirty tricks
So what can be done about this? Well it turns out that with Lua and Nginx, I can solve both problems. Join me for a brief excursion into the world of retro-BBSes, an introduction to some Internet Scumbags and their shenanigans, and some possible solutions to these problems.
I'm not an active Lua coder, and I don't know nginx nearly well enough despite having used it for 15 years. So here's fair warning: Anyone who actually knows these things may catch a bout of nausea.