Date: Fri, 3 Dec 1999 10:33:53 -0500 (EST) From: danh@wzrd.com (Dan Harnett) To: mike@sentex.net (Mike Tancsa) Cc: freebsd-security@freebsd.org Subject: Re: Other outstanding vulnerabilities Message-ID: <19991203153353.5FB085D026@mail.wzrd.com> In-Reply-To: <3.0.5.32.19991202154308.01bc93c0@staff.sentex.ca> from Mike Tancsa at "Dec 2, 1999 3:43: 8 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, It has been my experience that the setsockopt() DoS can be avoided by setting NMBCLUSTERS to a reasonably high level and setting a limit on the number of file descriptors that any given user can use (be it through the shell or through /etc/login.conf). I realize this is not a fix, but it seems to work until there is a fix available. Dan Harnett > > While on the topic of vulnerabilities etc, has there been any progress on > these two DoSes ? > > http://www.securityfocus.com/vdb/bottom.html?vid=622 > http://www.securityfocus.com/vdb/bottom.html?vid=526 > > they are the setsockopt() and mmap DoSes... There was talk of the mmap > being patched up in Current, but I havent seen anything official. Bugtraq > still lists all versions of FreeBSD vulnerable. > > ---Mike > ------------------------------------------------------------------------ > Mike Tancsa, tel +1 519 651 3400 > Network Administrator, mike@sentex.net > Sentex Communications www.sentex.net > Cambridge, Ontario Canada > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991203153353.5FB085D026>