Hi, > Another issue related to 350 simultaneous MDConfig connections has > recently surfaced at ASCII Japan. MDaemon can be configured to allow > secure MDConfig connections which will prevent this problem from ever > occurring. This can be done now, however the 11/30/99 full patch will > contain additional coding to prevent such a problem from occuring in > the event that the system admin has left the port wide open for anyone > to exploit. I can't see that patch. And besides,it is NOT affected only on MDConfig port. I can see same problem on POP port. So, all MDaemon 2.8.5 users should use that patch for preventing that too much connect() DoS. Not just MDConfig port. Nobuo Miwa <Nobuo Miwa> n-miwaat_private ( @ @ ) http://www.lac.co.jp/security/ --------------------------o00o--(. .)--o00o--------------------------
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:16:04 PDT