From owner-freebsd-security Wed Sep 1 11: 6:53 1999 Delivered-To: freebsd-security@freebsd.org Received: from granite.sentex.net (granite.sentex.ca [199.212.134.1]) by hub.freebsd.org (Postfix) with ESMTP id B38061517A for ; Wed, 1 Sep 1999 11:06:44 -0700 (PDT) (envelope-from mike@sentex.net) Received: from simoeon (simeon.sentex.ca [209.112.4.47]) by granite.sentex.net (8.8.8/8.6.9) with SMTP id OAA07516; Wed, 1 Sep 1999 14:05:47 -0400 (EDT) Message-Id: <3.0.5.32.19990901140428.01f197b0@staff.sentex.ca> X-Sender: mdtpop@staff.sentex.ca X-Mailer: QUALCOMM Windows Eudora Light Version 3.0.5 (32) Date: Wed, 01 Sep 1999 14:04:28 -0400 To: FreeBSD -- The Power to Serve From: Mike Tancsa Subject: Re: FW: Local DoS in FreeBSD Cc: freebsd-security@FreeBSD.ORG In-Reply-To: References: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org At 11:49 AM 9/1/99 -0600, FreeBSD -- The Power to Serve wrote: >If you have public access users, you should have login accounting in the >first place.. and yes, it does stop it :).. I verified this on a 3.2 box >with my login accounting setup.. How does accounting stop it ? Or do you mean it just discourages users from doing it ? How much overhead does accounting add to the system ? Also, limiting the amount of file descriptors can prevent it, as the 'bug' is essentially a resource starving issue (e.g. fork bomb) ---Mike ------------------------------------------------------------------------ Mike Tancsa, tel 01.519.651.3400 Network Administrator, mike@sentex.net Sentex Communications www.sentex.net Cambridge, Ontario Canada To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message