Denial of service attacks can occur when a malicious client creates multiple objects and continues to renew the lifetime lease to consume server resources. Server-side remote objects contain a default lease. In this state, a client can continue to renew the lease forever. However, you can implement the ILease interface on the server and explicitly control sponsors and renewals. To do this, override InitializeLifetimeService on your MarshalByRefObject object. The remoting infrastructure calls this method when the object is created. The lease can also be set programmatically by using the <lifetime> element.