[11422] in bugtraq
Re: DOS against SuSE's identd
daemon@ATHENA.MIT.EDU (Seth R Arnold)
Thu Aug 19 09:08:51 1999
Mail-Followup-To: BUGTRAQ@SECURITYFOCUS.COM
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <19990817114927.A1019@willamette.edu>
Date: Tue, 17 Aug 1999 11:49:27 -0700
Reply-To: Seth R Arnold <sarnold@WILLAMETTE.EDU>
From: Seth R Arnold <sarnold@WILLAMETTE.EDU>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <19990814202948.26220.qmail@securityfocus.com>; from Hendrik
Scholz on Sat, Aug 14, 1999 at 08:29:48PM -0000
Hendrik (and other posters), when finding similar problems in SuSE or other
products, you may also wish to post to the related-product security list,
such as suse-security@suse.com. Not all who use a product read bugtraq, many
read only the list specific to themselves. (their loss perhaps. :)
Thanks
On Sat, Aug 14, 1999 at 08:29:48PM -0000, Hendrik Scholz wrote:
> Hi!
>
> The inetd.conf starts the identd with the options -w -t120
> -e.
> This means that one identd process waits 120 seconds after
> answering the first request to answer later request.
> Lets say we start 100 requests in a short period.
> Due to the fact that it takes time to answer one request
> more identd's will be started each eating up about 900kb
> memory and waiting 120 seconds before terminating.
> I tested this behaviour on different machines with different
> hardware (RAM, Swap, NIC).
> Each machine becomes unusable after some seconds.
> This bug is in _every_ SuSE Version at least since 4.4.
> SuSE seems not to be interested in this bug becaus they
> did not answer any of my mails.
>
> CU, Hendrik
--
Seth Arnold | ICQ 3172483 | http://cswww.willamette.edu/~sarnold/
I prosecute unsolicited bulk emails, using the RealTime BlackHole
List. You should too. Ask me how, or visit http://maps.vix.com/rbl/
