Hi!
One of my client recently got blocked because of CPU abuse (load average was on ~2000 value
) on his LXC container. Causing the node to crash.
I recreated the enviroment at test node and started trying to prevent this abuse - It was some kind of request generator for DoS attacks that are beeing filtered by firewalls further but still user can abuse the node CPU/RAM potentialy causing hardware to degrade over time. This VPS was hacked because of client's password policy that was... It just wastn't good enough...
Is there any method for proxmox to detect this kind of abuse and shutdown the container immediately after reaching load higher than vCPU's count? Or prevent this in other way?
One of my client recently got blocked because of CPU abuse (load average was on ~2000 value
) on his LXC container. Causing the node to crash.I recreated the enviroment at test node and started trying to prevent this abuse - It was some kind of request generator for DoS attacks that are beeing filtered by firewalls further but still user can abuse the node CPU/RAM potentialy causing hardware to degrade over time. This VPS was hacked because of client's password policy that was... It just wastn't good enough...
Is there any method for proxmox to detect this kind of abuse and shutdown the container immediately after reaching load higher than vCPU's count? Or prevent this in other way?
