patching: in rc.conf above inetd_flags type -l -R 1024? :)

>Hi,
>
>At the beginning I'd like to excuse all of you if it is commonly well
>known (hmm, I guess it is, but no one patched it ;>.
>
>Both DoS's use something known as portfuck (e.g. `while true; do telnet
>host port & done`).
>1. If you use it against any inetd service, inetd will shut down that
>service for about 30 minutes (I did not check, but it seems to be about
>that time).
>2. If you use it against sshd, you have 99% that you crash the machine in
>few seconds.
>TESTED:
>sshd-1.2.26 on Debian 2.0
>sshd-1.2.27 on Debian 2.1
>sshd-1.2.27 on RedHat 5.2
>inetd - one provided with Debian 2.0/2.1/Redhat 5.2
>all above platforms are VULNERABLE to this attack
>COMPROMISE:
>Allows any user to hang many machines in the Internet (I guess that only
>these behind a firewall are secure ;>
>SOLUTION:
>probably running in ulimit environment (like qmail does) should help and
>additionally in inetd remove this strange 'protection'.
>
>regards,
> greg AKA VanitaS
>
>***************************************************************************
>* Grzegorz Stelmaszek * For my public PGP key:
>* mailto:gregat_private * finger:gregat_private
>* http://www.tenet.pl * 18 E9 5E 6D 78 F0 11 F2
>****************************** 45 CF CF 63 77 C0 A4 20
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:02:20 PDT