Date: Wed, 28 Mar 2001 21:33:35 -0500 From: Pete Fritchman <petef@databits.net> To: Kal Torak <kaltorak@quake.com.au> Cc: freebsd-isp@freebsd.org Subject: Re: DOS Attack? "No memory for tx list, out of mbufs" Message-ID: <20010328213335.B4751@databits.net> In-Reply-To: <3AC29DB4.7EBD2143@quake.com.au>; from kaltorak@quake.com.au on Thu, Mar 29, 2001 at 12:28:04PM %2B1000 References: <3AC201D1.5B167E0F@tacni.net> <3AC29DB4.7EBD2143@quake.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
That glob attack will only affect the server's CPU usage, it won't take up mbufs. I'm not so sure this is definately a DOS attack. Just up your NMBCLUSTERS option and see how things go. -pete ++ 29/03/01 12:28 +1000 - Kal Torak: >Tom ONeil wrote: >> >> Greetings All and thanks for the help over the years, >> >> Got this in the logs, machine was locked up and had to reboot. >> >> Mar 27 23:13:45 pendragon proftpd[58667]: pendragon.tacni.net >> (XXX.XXX.XXX.XXX[XXX.XXX.XXX.XXX]) - FTP session closed. >> Mar 28 07:08:05 pendragon /kernel: rl0: no memory for tx list >> Mar 28 07:08:05 pendragon /kernel: rl0: out of mbufs, tried to copy 86 >> bytes > > >Have you got the latest version of proftpd? There is a DoS attack for >it atm, in phrasing things like: >ls */../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../* > >Infact I dont think there is a patch to fix this yet... You should check >the proftpd site... >A few things to stop the attack would be to start proftpd with some ulimits >so it cant take all the system resources, also in your config put something >like DenyFilter \*.*/ > >Hope that helps! > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-isp" in the body of the message -- Pete Fritchman <petef@databits.net> Databits Network Services, Inc. <http://databits.net> finger petef@databits.net for PGP key To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010328213335.B4751>