[1052] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] inetd and denial-of-service

daemon@ATHENA.MIT.EDU (Peter Tobias)
Thu Aug 22 07:17:26 1996

To: dholland@hcs.HARVARD.EDU (David Holland)
Date: Wed, 21 Aug 1996 18:39:19 +0200 (MET DST)
From: "Peter Tobias" <tobias@server.et-inf.fho-emden.de>
Cc: j@pobox.com, linux-security@tarsier.cv.nrao.edu
Reply-To: tobias@et-inf.fho-emden.de
In-Reply-To: <199608201941.PAA21576@hcs.harvard.edu> from "David Holland" at Aug 20, 96 03:41:49 pm

David Holland wrote:
>  > This is a message I saw on the kernel mailing list:
>  > 
>  > On Fri, 16 Aug 1996, Klaus Lichtenwalder wrote:
>  > 
>  > > I have an application that for simplicity backs up new files from a file
>  > > server via rsh. Things thingy stops after a few rsh calls to the remote
>  > > Linux machine. The following message can be found in syslog:
>  > > 
>  > > Aug 16 17:53:59 gaston inetd[73]: shell/tcp server failing (looping),
>  > > service terminated
>  >  [...]
>  >
>  > Obviously, this could be a denial of service attack.
> 
> If you have problems with it, having cron send inetd a SIGHUP every
> fifteen minutes or so should cure the problem. This is gross, though.
> 
>  > [REW: I couldn't reproduce the "terminating service" on my slackware
>  > distribution. It seems to have the same 1.1 version of inetd. I suspect
>  > that the machine is too slow to accept more than 40 requests per minute.
>  > 
>  > I'd rather have the "init" behaviour: "id "c1" respawning too fast:
>  > Disabled for 5 minutes"]
> 
> This has been added to the to-do list for inetd.

This feature does already exist. The inetd-5.30 that the Debian
Distribution uses reenables the service after 10 minutes.


Thanks,

Peter

-- 
 Peter Tobias                                EMail:
 Fachhochschule Ostfriesland                 tobias@et-inf.fho-emden.de
 Fachbereich Elektrotechnik und Informatik   tobias@debian.org
 Constantiaplatz 4, 26723 Emden, Germany     tobias@linux.de

home help back first fref pref prev next nref lref last post