[11871] in bugtraq
Re: local telnetd DoS
daemon@ATHENA.MIT.EDU (Henrik Nordstrom)
Mon Sep 13 18:15:52 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id:  <37DA1E77.56F073F4@hem.passagen.se>
Date:         Sat, 11 Sep 1999 11:18:47 +0200
Reply-To: hno@HEM.PASSAGEN.SE
From: Henrik Nordstrom <hno@HEM.PASSAGEN.SE>
X-To:         Zo0mer <slackware@MAIL.RU>
To: BUGTRAQ@SECURITYFOCUS.COM

Zo0mer wrote:
>
> Hi, I found a local DoS that crashes telnetd (tested on Slackware 4.0, RH 5.2)
> type
> telnet localhost | telnet localhost | telnet localhost ...... about 50 times
> The result will be 'Connection Refused', telnetd crashes.

Sounds very much like inetd service respawn rate limitation. The default
rate limit is usually something like 40 accesses/minute. See your inetd
documentation for the exact value of the default limit and how it may be
tuned.

The purpose of this limit is to limit the DoS attack to only the service
attacked and not bring down the whole machine by resource exhaustion
(memory, processes, CPU).

--
Henrik Nordstrom
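
Added example, not part of the original message and not inetd source code: a simplified C model of the per-service respawn limit described above, showing why about 50 rapid connections end in refusals for that one service while another service keeps answering. The 40-per-60-seconds limit follows the message; the 600-second disable period and all names are assumptions made for this sketch.

```c
#include <stdio.h>

#define MAX_SPAWNS  40   /* per window; "something like 40 accesses/minute" */
#define WINDOW_SECS 60   /* length of the counting window */
#define RETRY_SECS  600  /* assumed: how long a tripped service stays off */

struct service {
    const char *name;
    int  count;          /* servers spawned in the current window */
    long window_start;   /* time the current window began */
    long disabled_until; /* 0 while the service is enabled */
};

/* Decide whether one incoming connection gets a server. 1 = spawn, 0 = refuse. */
int svc_accept(struct service *s, long now)
{
    if (s->disabled_until) {
        if (now < s->disabled_until)
            return 0;                 /* still switched off: connection refused */
        s->disabled_until = 0;        /* retry time elapsed: re-enable */
        s->count = 0;
    }
    if (s->count == 0 || now - s->window_start > WINDOW_SECS) {
        s->window_start = now;        /* start a fresh counting window */
        s->count = 0;
    }
    if (++s->count > MAX_SPAWNS) {
        s->disabled_until = now + RETRY_SECS;  /* trip only this service */
        s->count = 0;
        return 0;
    }
    return 1;
}

/* Offer n connections at time 'now'; return how many were accepted. */
int burst(struct service *s, int n, long now)
{
    int ok = 0;
    for (int i = 0; i < n; i++)
        ok += svc_accept(s, now);
    return ok;
}

int main(void)
{
    struct service telnet = { "telnet", 0, 0, 0 }, ftp = { "ftp", 0, 0, 0 };
    printf("%s: %d of 50 accepted\n", telnet.name, burst(&telnet, 50, 1000));
    printf("%s: %d of 1 accepted\n", ftp.name, burst(&ftp, 1, 1001));
    printf("%s 30s later: %d\n", telnet.name, burst(&telnet, 1, 1030));
    printf("%s after retry time: %d\n", telnet.name, burst(&telnet, 1, 1000 + RETRY_SECS));
    return 0;
}
```

The state is kept per service, which is the point of the second paragraph of the reply: the burst exhausts only the telnet entry's budget, and the service answers again once the disable period has passed.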