Date: Fri, 16 Mar 2001 07:15:12 -0800
From: Ron 'The InSaNe One' Rosson
To: freeBSD-security@freeBSD.org
Subject: Re: Multiple vendors FTP denial of service (fwd)

Kris Kennaway (kris@obsecurity.org) wrote:
> On Thu, Mar 15, 2001 at 03:42:29PM -0800, Michael A. Dickerson wrote:
> > > 4.1 from Aug 10th is hurt by it.
> > >
> > > ---Mike
> > >
> >
> > So is 4.3-beta (otherwise known as 4-stable) from March 8. ftpd uses 100%
> > cpu and memory use grows until the kernel runs out of swap space and starts
> > killing processes. This was an ftp connection with a regular username and
> > password, in an average home directory.
>
> I'm pretty sure (but haven't tested) that resource limits will prevent
> this problem. Your ftpd shouldn't be using large amount of memory
> under normal operating procedures, so you can set those to reasonable
> values and not suffer any ill effects.
>
> Kris

But, by default are the resource limits set properly to avoid this out
of the box? Or does one have to make the mod themselves?

TIA
--
------------------------------------------------------------------------------
Ron Rosson                          ... and a UNIX user said ...
The InSaNe One                               rm -rf *
insane@oneinsane.net             and all was /dev/null and *void()
------------------------------------------------------------------------------
daemon(n): 1. an attendant power or spirit : GENIUS
           2. the cute little mascot of the FreeBSD operating system
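An added illustration of the suggestion quoted above that resource limits would bound a runaway ftpd (this is not code from the thread or from FreeBSD): a child process lowers its own limit with setrlimit() and then allocates until malloc() fails, so growth stops at the cap instead of at swap exhaustion. The function name, the 64 MiB figure and the choice of RLIMIT_AS are assumptions of the example; the thread does not say which limit or value applies to ftpd.

```c
/* Added example: cap a child's address space with setrlimit(), then let it
 * allocate until malloc() fails. RLIMIT_AS is an assumption of this sketch. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

#define MIB (1024L * 1024L)
static void *volatile keep;   /* volatile store keeps each allocation live */

/* Returns how many 1 MiB chunks a child limited to limit_mb MiB obtained
 * before malloc() failed (it stops at attempt_mb), or -1 on error. */
long mib_allocated_under_limit(long limit_mb, long attempt_mb)
{
    int fds[2];
    long got = -1;
    pid_t pid;

    if (pipe(fds) != 0) return -1;
    if ((pid = fork()) < 0) return -1;
    if (pid == 0) {                          /* child: stands in for the daemon */
        struct rlimit rl;
        rlim_t want = (rlim_t)limit_mb * MIB;
        if (getrlimit(RLIMIT_AS, &rl) != 0) _exit(2);
        if (want < rl.rlim_max) rl.rlim_max = want;  /* lowering needs no privilege */
        rl.rlim_cur = rl.rlim_max;
        if (setrlimit(RLIMIT_AS, &rl) != 0) _exit(2);
        for (got = 0; got < attempt_mb; got++) {
            keep = malloc(MIB);
            if (keep == NULL) break;         /* the limit, not swap, stops growth */
            memset(keep, 0xA5, MIB);         /* touch the pages so they are real */
        }
        if (write(fds[1], &got, sizeof got) != (ssize_t)sizeof got) _exit(3);
        _exit(0);
    }
    close(fds[1]);
    if (read(fds[0], &got, sizeof got) != (ssize_t)sizeof got) got = -1;
    close(fds[0]);
    waitpid(pid, NULL, 0);
    return got;
}

int main(void)
{
    printf("64 MiB cap: child got %ld of 256 MiB\n", mib_allocated_under_limit(64, 256));
    return 0;
}
```

The parent is unaffected because the limit is set after fork(); a daemon that applies limits per session gets the same isolation for each connection it serves.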