Date: Mon, 06 Mar 2000 20:37:39 -0800 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: Mike Tancsa <mike@sentex.ca> Cc: stable@FreeBSD.ORG Subject: Re: Stopping a DoS by patching aio calls in STABLE Message-ID: <200003070438.UAA03997@cwsys.cwsent.com> In-Reply-To: Your message of "Mon, 06 Mar 2000 11:12:49 EST." <3.0.5.32.20000306111249.00eef270@marble.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <3.0.5.32.20000306111249.00eef270@marble.sentex.ca>, Mike Tancsa wri tes: > > As a work around to preventing a local DoS in STABLE (PR 17152), it was > suggested to me by Alfred Perlstein that I "patch [my] kernel to make all > aio calls return ENOSYS". Does anyone have any suggestions as how to do > that ? I have a shell server that I am a little worried about because of > script kiddies :-( Take a look at spy. Though it only works under -CURRENT and won't solve your immediate problem, it's still a pretty neat concept. Spy can be found at http://www.freebsd.org/~abial/spy-0.1.tgz and the manual can be found at http://www.freebsd.org/~sheldonh/spy.4. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/DEC Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC "COBOL IS A WASTE OF CARDS." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200003070438.UAA03997>