Denial of service process table attacks

From: John Conover (conoverat_private)
Date: Tue Feb 23 1999 - 00:43:24 PST


    The DNS process table attacks are mentioned at:
    
        http://lwn.net/daily/ptable.html
    
    I have been using tcpserver as a replacement for inetd for many
    months. It is at:
    
        ftp://koobera.math.uic.edu/www/ucspi-tcp.html
    
    and allows limiting the *_number_* of concurrent processes forked out
    of the inet facilities, as opposed to the *_rate_* of forked
    processes.
    
    It also optionally allows logging by port, with access control via a
    fast database, by IP, and user.
    
    I'm currently using it on httpd, ftp, faxd, smtp, telnet, pop3, and
    the qmail daemons. Seems viable.
    
    FWIW, FYI ...
    
    	John
    
    --
    
    John Conover, 631 Lamont Ct., Campbell, CA., 95008, USA.
    VOX 408.370.2688, FAX 408.379.9602
    conoverat_private, http://www2.inow.com/~conover/john.html
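
The contrast drawn in the message between limiting the number of concurrent handler processes and limiting the rate at which they are forked, as an added example that is not part of the original message or of tcpserver. It is a constructed model: the traffic patterns, the limit of 40 and the 60-second window are assumptions chosen for illustration.

```python
"""Constructed model: rate-limited vs. count-limited forking of handlers."""

def simulate(arrivals, hold, policy, limit, window=60):
    """Return (peak live handler processes, refused connections).

    arrivals: sorted connection arrival times, whole seconds (constructed)
    hold:     seconds each accepted connection keeps its handler alive
    policy:   "rate"  -> at most `limit` forks per `window` seconds
              "count" -> at most `limit` handlers alive at once
    """
    live = []      # end times of handlers that are still running
    recent = []    # fork times that fall inside the current rate window
    peak = refused = 0
    for t in arrivals:
        live = [end for end in live if end > t]          # reap finished handlers
        recent = [f for f in recent if f > t - window]   # slide the rate window
        if policy == "rate":
            allowed = len(recent) < limit
        elif policy == "count":
            allowed = len(live) < limit
        else:
            raise ValueError(policy)
        if not allowed:
            refused += 1
            continue
        live.append(t + hold)
        recent.append(t)
        peak = max(peak, len(live))
    return peak, refused

# Constructed slow-hold traffic: one connection every 2 s for an hour
# (30 per minute, under the rate limit), each held open for 30 minutes.
SLOW = [2 * i for i in range(1800)]
# Constructed busy period: 20 one-second connections per second for 10 s.
BURST = [i // 20 for i in range(200)]

if __name__ == "__main__":
    for name, arrivals, hold in (("slow", SLOW, 1800), ("burst", BURST, 1)):
        for policy in ("rate", "count"):
            peak, refused = simulate(arrivals, hold, policy, limit=40)
            print(f"{name:5} {policy:5} peak={peak:4} refused={refused}")
```

In this model the rate limit never triggers on the slow-hold traffic, so live handlers climb to 900, while the count limit holds them at 40; on the busy period of short connections the rate limit refuses 160 connections that the count limit serves.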
    


