Date: Sat, 24 Jun 2000 01:12:38 -0400 (EDT)
From: Bosko Milekic
Subject: Re: Security Bug.
In-reply-to: <39541671.84FFC647@mics.co.za>
To: Christiaan Rademan
Cc: security@FreeBSD.ORG

On Sat, 24 Jun 2000, Christiaan Rademan wrote:

> Hi.
>
> I am hosting a shell server, for my dialup users at an ISP.

That's problem #1. :-)

> We have one slight problem, there is a DoS attack that affects
> FBSD4.0Stable locally
> and other FBSD releases.
>
> If the DoS attack is run locally, the system stops accepting
> connections then dies off.
>
> Here is the bug... :-) if there is a patch already please post it
> here...

This is a resource exhaustion; previously it panicked the machine. It no longer does. Also, the socket buffer size (sbsize) limit very much exists. The fact that you haven't carefully read login.conf(5) and are running a public shell server is problem #2.

[...]

Hope this helps,
Bosko.

--
Bosko Milekic * Voice/Mobile: 514.865.7738 * Pager: 514.921.0237
bmilekic@technokratis.com * http://www.technokratis.com/
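
The reply above points to the sbsize limit in login.conf(5). As an added example (not part of the original message and not FreeBSD code), this Python script parses login.conf-format text, resolves `tc=` inheritance, and lists the login classes whose effective `sbsize` is unset or infinite. The class names and values in `SAMPLE` are constructed; the script assumes only the plain `sbsize` capability is used (not `sbsize-cur`/`sbsize-max`) and does not handle `cap@` cancellation.

```python
import re

INFINITE = {"infinity", "inf", "unlimited", "unlimit", "-1"}

# Constructed sample in login.conf(5) format; class names and values are illustrative.
SAMPLE = r"""
default:\
    :cputime=unlimited:\
    :sbsize=unlimited:
shell:\
    :maxproc=32:\
    :sbsize=1M:\
    :tc=default:
staff:\
    :maxproc=128:\
    :tc=default:
"""

def parse(text):
    """Return {class_name: {capability: value}} from login.conf-style text."""
    joined = re.sub(r"\\\n[ \t]*", "", text)  # fold backslash-continued lines
    classes = {}
    for line in map(str.strip, joined.splitlines()):
        if not line or line.startswith("#"):
            continue
        names, *fields = line.split(":")
        caps = {}
        for field in filter(None, fields):
            key, _, value = field.partition("=")
            caps.setdefault(key.strip(), value.strip())  # first occurrence wins
        for name in names.split("|"):
            classes[name.strip()] = caps
    return classes

def effective(classes, name, seen=()):
    """Resolve tc= inheritance; a class's own capabilities override inherited ones."""
    caps = dict(classes.get(name, {}))
    parent = caps.pop("tc", None)
    if parent and parent not in seen:
        caps = {**effective(classes, parent, seen + (name,)), **caps}
    return caps

def unlimited_sbsize(text):
    """List classes whose effective sbsize is unset or infinite."""
    classes = parse(text)
    return [n for n in classes
            if effective(classes, n).get("sbsize", "inf").lower() in INFINITE]

if __name__ == "__main__":
    print(unlimited_sbsize(SAMPLE))
```

On a real system, changes to /etc/login.conf take effect only after the capability database is rebuilt with `cap_mkdb /etc/login.conf`.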