From owner-freebsd-security Sun Apr 9 21:32:39 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id VAA00292 for security-outgoing; Sun, 9 Apr 1995 21:32:39 -0700 Received: from mail.barrnet.net (mail.BARRNET.NET [131.119.246.7]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id VAA00284 for ; Sun, 9 Apr 1995 21:32:38 -0700 Received: from goof.com (goof.com [198.82.204.15]) by mail.barrnet.net (8.6.10/MAIL-RELAY-LEN) with ESMTP id VAA16122 for ; Sun, 9 Apr 1995 21:16:42 -0700 Received: (from mmead@localhost) by goof.com (8.6.11/8.6.9) id AAA02586; Mon, 10 Apr 1995 00:19:14 -0400 Date: Mon, 10 Apr 1995 00:19:14 -0400 From: "matthew c. mead" Message-Id: <199504100419.AAA02586@goof.com> To: Mark Hittinger Cc: freebsd-security@FreeBSD.org Subject: Re: satan "heavy" mode attacks In-Reply-To: Your message of Sat, April 8, 1995 12:58:56 -0400 References: <199504081658.MAA29650@ns1.win.net> Sender: security-owner@FreeBSD.org Precedence: bulk On Sat, April 8, 1995 at 12:58:56 (-0400), Mark Hittinger wrote: > I've just read that some sites are reporting that using satan in its "heavy" > mode will overload an inetd and make it toss its cookies. > There are reports that the activity also causes some firewall products to > consume available memory and discontinue logging some things. > We probably need to double check our inetd and make sure it can deal with > the resource overload issue. I've run *several* heavy level satan checks against goof.com over a T1 connection and haven't had a problem at all... -matt -- Matthew C. Mead -> Virginia Tech Center for Transportation Research - -> Multiple Platform System and Network Administration Work Related -> mmead@ctr.vt.edu | mmead@goof.com <- All Other ---- ------- WWW -> http://www.goof.com/~mmead --- -----