Date: Wed, 1 Sep 1999 14:10:32 -0600 (MDT) From: FreeBSD -- The Power to Serve <geniusj@free-bsd.org> To: Mike Tancsa <mike@sentex.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: FW: Local DoS in FreeBSD Message-ID: <Pine.BSF.4.10.9909011409520.19266-100000@free-bsd.org> In-Reply-To: <3.0.5.32.19990901140428.01f197b0@staff.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
Exactly what I mean! Limit file descriptors, and it also uses a lot of CPU time so you can limit that too.. It will never crash the system with the proper limits set :). They can run it all they want. On Wed, 1 Sep 1999, Mike Tancsa wrote: > At 11:49 AM 9/1/99 -0600, FreeBSD -- The Power to Serve wrote: > >If you have public access users, you should have login accounting in the > >first place.. and yes, it does stop it :).. I verified this on a 3.2 box > >with my login accounting setup.. > > How does accounting stop it ? Or do you mean it just discourages users > from doing it ? How much overhead does accounting add to the system ? > Also, limiting the amount of file descriptors can prevent it, as the 'bug' > is essentially a resource starving issue (e.g. fork bomb) > > ---Mike > ------------------------------------------------------------------------ > Mike Tancsa, tel 01.519.651.3400 > Network Administrator, mike@sentex.net > Sentex Communications www.sentex.net > Cambridge, Ontario Canada > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.9909011409520.19266-100000>