Date: Tue, 15 May 2001 23:19:17 -0700
From: Kris Kennaway <kris@obsecurity.org>
To: Kris Kennaway <kris@obsecurity.org>, freebsd-questions@freebsd.org
Subject: Re: My network is dead because of this program :(
Message-ID: <20010515231917.B20596@xor.obsecurity.org>
In-Reply-To: <20010516114730.A80431@office.naver.co.id>; from john@office.naver.co.id on Wed, May 16, 2001 at 11:47:30AM +0700
References: <20010516092035.A79109@office.naver.co.id> <20010515201615.A18164@xor.obsecurity.org> <20010516114730.A80431@office.naver.co.id>

On Wed, May 16, 2001 at 11:47:30AM +0700, John Indra wrote:
> On Tue, May 15, 2001 at 08:16:15PM -0700, Kris Kennaway wrote:
>
> >Don't run -current on a production system.  Seriously, just don't,
> >unless you like dealing with this kind of stuff.  The bug report may
> >be useful, but you're playing with fire.
>
> This is actually not a production machine.
> Does this recommendation imply that if I run -STABLE things like this won't
> happen?

It's certainly much less likely (-current is not production-quality
almost by definition, although lately it's been better than it was).
However, in this case it's probably just a resource-exhaustion denial of
service attack which could work anywhere, and which it's possible to
guard against using resource limitations (login.conf for things like
CPU usage and fork bombs, and dummynet for network resource
throttling).

Ultimately the best (perhaps only) solution for obnoxious users is
rmuser(8).

By the way, did you look to see what this guy was targeting his packet
flooder at?  I would not be surprised if it was flooding a remote
system and the local consequences were ancillary.

Kris
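
An added example, not part of the message above: a login.conf class carrying the kind of per-user resource limits the reply mentions, with the follow-up commands and a dummynet pipe shown as comments. The class name `restricted`, the user `exampleuser`, the pipe and rule numbers and every limit value are assumptions chosen for illustration.

```conf
# /etc/login.conf fragment (constructed example; class name and values are
# illustrative assumptions, tune them for the host).
#
# Entries listed before tc= override the ones inherited from "default".
#   cputime   - CPU time per process; a process that exceeds it is terminated
#   maxproc   - processes per user; this is the limit that contains a fork bomb
#   openfiles - open descriptors per process (sockets count toward it)
#   memoryuse - resident set size per process
restricted:\
	:cputime=10m:\
	:maxproc=32:\
	:openfiles=128:\
	:memoryuse=64M:\
	:tc=default:

# After editing, rebuild the capability database and move the account
# (hypothetical user "exampleuser") into the class. The limits apply from
# the user's next login:
#   cap_mkdb /etc/login.conf
#   pw usermod exampleuser -L restricted
#
# dummynet side, for the network throttling mentioned in the reply. This
# needs ipfw with dummynet support in the kernel; pipe number, rule number
# and bandwidth are assumptions. ipfw's uid match covers TCP and UDP packets:
#   ipfw pipe 1 config bw 256Kbit/s
#   ipfw add 1000 pipe 1 ip from any to any out uid exampleuser
```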