On Tue, Dec 07, 1999 at 11:29:56PM +1100, Darren Reed wrote: > Who has more free file descriptors & network ports, you or the ftp server ? Using raw sockets it's possible to simulate a lot of descriptors/open ports. You just needs to drop outgoing RST in order to implement your ftpd-dos-oriented TCP/IP micro-stack with a minimal memory requirement. In a word: the attacker has more free file descriptors & network ports every times the exploit just do a simple operation such USER/PASS authentication. This isn't true only for this attack but for many others and results in the ability to perform this kind of DoS against a very big server using little resources. antirez
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:19:07 PDT