[1819] in linux-security and linux-alert archive
[linux-security] Re: Linux DoS attack through autoprobing
daemon@ATHENA.MIT.EDU (Hugo van der Kooij)
Fri Jun 5 18:27:17 1998
Date: Fri, 5 Jun 1998 20:14:58 +0200 (CEST)
From: Hugo van der Kooij <hvdkooij@caiw.nl>
Reply-To: Hugo.van.der.Kooij@caiw.nl
To: linux-security@redhat.com
In-Reply-To: <Pine.ULT.3.93.980604232245.2253A-100000@ultrix6.cs.csubak.edu>
Resent-From: linux-security@redhat.com
On Thu, 4 Jun 1998, Dave wrote:
> On Fri, 5 Jun 1998, Martin Pool wrote:
>
> > The autodetection routines for some linux modules can tie up the
> > machine for several seconds at a time. By trying to open devices not
> > present on the machine, a local user can disrupt service considerably.
> >
> > A very simple exploit is
> >
> > victim$ ls /dev/*/*
> >
> > repeatedly.
> >
> > A suggested fix is to remove or chmod 0 device nodes for hardware
> > not installed on the machine. Ideally, modules shouldn't lock the
> > machine while they probe, but I suppose this might not always
> > be possible.
>
> There is a rather annoying problem related to this. I've experienced bad
> reactions between my Adaptec aha-2940uw SCSI controller and zipdrive.
> When the driver finds a bad sector on a zipdisk, the kernel locks,
> repeatedly tries to read the sector, and spews error messages. Read
> attempts seem to last 5-10 minutes. Between read attempts, you get a few
> seconds of interaction with the system. The drive is "semi-mounted" at
> this point. Pushing the eject button will cause the disk to be ejected at
> the next few seconds of interaction. You'll then have your system back to
> normal. Typing "eject /dev/<zipdrive>" doesn't seem to work. Any form of
> reading the bad sector will lock up the kernel while it repeatedly tries
> to read the bad sector, even a reformat while checking for bad sectors.
I have similar behaviour with a NCR 53C810 while my DAT tape was
rewinding. Compiling a kernel with SCSI disconnect did help here. In my
opinion SCSI is a great bus as it allows you to issue a command to a
device and then detach. As soon as the device is ready it will signal the
card and transfer the data.
This should be handled by the low level driver. But we all know that
Adaptec cards are GNU-political incorrect.
Hugo.
+------------------------+------------------------------+
| Hugo van der Kooij | Hugo.van.der.Kooij@caiw.nl |
| Oranje Nassaustraat 16 | http://www.caiw.nl/~hvdkooij |
| 3155 VJ Maasland | (De man met de rode hoed) |
+------------------------+------------------------------+
"Computers let you make more mistakes faster than any other invention in
human history, with the possible exception of handguns and tequila."
(Mitch Radcliffe)
--
----------------------------------------------------------------------
Please refer to the information about this list as well as general
information about Linux security at http://www.aoy.com/Linux/Security.
----------------------------------------------------------------------
To unsubscribe:
mail -s unsubscribe linux-security-request@redhat.com < /dev/null