Date: Sat, 24 Jun 2000 01:12:38 -0400 (EDT) From: Bosko Milekic <bmilekic@dsuper.net> To: Christiaan Rademan <christiaan@mics.co.za> Cc: security@FreeBSD.ORG Subject: Re: Security Bug. Message-ID: <Pine.BSF.4.21.0006240108490.18544-100000@jehovah.technokratis.com> In-Reply-To: <39541671.84FFC647@mics.co.za>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 24 Jun 2000, Christiaan Rademan wrote:
> Hi.
>
> I am hosting a shell server, for my dialup users at a ISP.
That's problem #1. :-)
> We have one slight problem, there is a DoS attack that affects
> FBSD4.0Stable locally
> and other FBSD releases.
>
> If the DoS attack is runned locally, the system stops accepting
> connections then die's off.
>
> Here is the bug... :-) if there is a patch already please post it
> here...
This is a resource exhaustion, previously it panic-ed the machine. It
no longer does. Also, the socket buffer size (sbsize) limit very much
exists. The fact that you haven't carefully read login.conf(5) and are
running a public shell server is problem #2.
[...]
Hope this helps,
Bosko.
--
Bosko Milekic * Voice/Mobile: 514.865.7738 * Pager: 514.921.0237
bmilekic@technokratis.com * http://www.technokratis.com/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0006240108490.18544-100000>