From owner-freebsd-security Fri Mar 16 10:39:22 2001 Delivered-To: freebsd-security@freebsd.org Received: from mr200.netcologne.de (mr200.netcologne.de [194.8.194.109]) by hub.freebsd.org (Postfix) with ESMTP id A156A37B71C for ; Fri, 16 Mar 2001 10:39:18 -0800 (PST) (envelope-from pherman@frenchfries.net) Received: from husten.security.at12.de (dial-195-14-244-155.netcologne.de [195.14.244.155]) by mr200.netcologne.de (Mirapoint) with ESMTP id ACP70804; Fri, 16 Mar 2001 19:39:16 +0100 (CET) Received: from localhost (localhost.security.at12.de [127.0.0.1]) by husten.security.at12.de (8.11.3/8.11.2) with ESMTP id f2GId8N18527; Fri, 16 Mar 2001 19:39:08 +0100 (CET) (envelope-from pherman@frenchfries.net) Date: Fri, 16 Mar 2001 19:39:08 +0100 (CET) From: Paul Herman To: Peter Pentchev Cc: Anil Jangity , Subject: Re: Multiple vendors FTP denial of service In-Reply-To: <20010316202837.C428@ringworld.oblivion.bg> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Hi Peter, On Fri, 16 Mar 2001, Peter Pentchev wrote: > It might not be easy to do this via login.conf; if you are running your > ftpd via inetd, though, you can use /usr/bin/limits to do that: > > ftp stream tcp nowait root /usr/bin/limits ftpd -d10K /usr/libexec/ftpd -l ftp stream tcp nowait root/login.class /usr/libexec/ftpd ftpd -l (where login.class is in /etc/login.conf) will also do the trick. > Having said that, I, too, haven't tested whether setting resource > limits eliminates the original problem. It it seems to when the CPU is limited, but as shown in a previous mail, apparently not when the memory is. Hmmm... -Paul. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message