Date: Mon, 27 Oct 1997 10:43:05 -0700 (MST) From: Nate Williams <nate@mt.sri.com> To: Tom <tom@uniserve.com> Cc: Nate Williams <nate@mt.sri.com>, "Andrey A. Chernov" <ache@freebsd.org>, cvs-committers@freebsd.org, cvs-all@freebsd.org, cvs-etc@freebsd.org Subject: Fingerd problems (was Re: cvs commit: src/etc master.passwd) Message-ID: <199710271743.KAA00685@rocky.mt.sri.com> In-Reply-To: <Pine.BSF.3.96.971027093542.11950A-100000@shell.uniserve.com> References: <199710271718.KAA00563@rocky.mt.sri.com> <Pine.BSF.3.96.971027093542.11950A-100000@shell.uniserve.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> A problem with fingerd is that is does fuzzy lookups by default. If > /etc/master.passwd is large, it will use a significant amount of CPU. > Starting up 30-40 fingerds makes an easy and effective DoS attack. If this is a problem, disable fingerd. If that's not feasible, then I think your other solution is really the only other solution (limiting the # of fingerd's that should run.) Nate
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710271743.KAA00685>