Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 27 Oct 1997 10:43:05 -0700 (MST)
From:      Nate Williams <nate@mt.sri.com>
To:        Tom <tom@uniserve.com>
Cc:        Nate Williams <nate@mt.sri.com>, "Andrey A. Chernov" <ache@freebsd.org>, cvs-committers@freebsd.org, cvs-all@freebsd.org, cvs-etc@freebsd.org
Subject:   Fingerd problems (was Re: cvs commit: src/etc master.passwd)
Message-ID:  <199710271743.KAA00685@rocky.mt.sri.com>
In-Reply-To: <Pine.BSF.3.96.971027093542.11950A-100000@shell.uniserve.com>
References:  <199710271718.KAA00563@rocky.mt.sri.com> <Pine.BSF.3.96.971027093542.11950A-100000@shell.uniserve.com>

next in thread | previous in thread | raw e-mail | index | archive | help
>   A problem with fingerd is that is does fuzzy lookups by default.  If
> /etc/master.passwd is large, it will use a significant amount of CPU.
> Starting up 30-40 fingerds makes an easy and effective DoS attack.

If this is a problem, disable fingerd.  If that's not feasible, then I
think your other solution is really the only other solution (limiting
the # of fingerd's that should run.)



Nate



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710271743.KAA00685>