[19420] in bugtraq
Re: inetd DoS exploit
daemon@ATHENA.MIT.EDU (David Malone)
Wed Feb 28 03:32:09 2001
Message-ID: <20010227193341.A88613@walton.maths.tcd.ie>
Date: Tue, 27 Feb 2001 19:33:41 +0000
Reply-To: dwmalone@MATHS.TCD.IE
From: David Malone <dwmalone@MATHS.TCD.IE>
X-To: Jose Nazario <jose@BIOCSERVER.BIOC.CWRU.EDU>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.LNX.4.30.0102261633260.29130-100000@biocserver.BIOC.CWRU.Edu>; from jose@BIOCSERVER.BIOC.CWRU.EDU
on Mon, Feb 26, 2001 at 04:39:58PM -0500
On Mon, Feb 26, 2001 at 04:39:58PM -0500, Jose Nazario wrote:
> 3] move to xinetd or other similar programs which have rate limiting.
> solar designer has a neat-o patch for xinetd that can do max-per-IP
> limits. very nice ... :)

FreeBSD's inetd has a selection of features like this (maximum
number of invocations of a service, max number of invocations per
minute and the max number of invocations per minute per ip).

I think these features must be relatively recent additions to inetd
'cos the syntax for them is slightly different in FreeBSD and
OpenBSD. (A little poking around CVS trees shows that the max-child
feature was originally added in NetBSD 1993 and added to FreeBSD
in 1996. The overall rate limit and rate/ip limit may have originated
in FreeBSD at a later date - possibly cogged from xinetd.)

David.
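
The three limits named in the reply above (invocations running at once, invocations per minute, invocations per minute per IP), modelled as one admission check. This is an added sketch, not FreeBSD inetd's code and not part of the original message; the fixed one-minute window, the table size, the fail-closed behaviour and every name in it are assumptions.

```c
#include <stddef.h>
#include <stdint.h>

#define MAX_PEERS 64  /* per-IP table size: an assumption of this sketch */
enum verdict { ACCEPT, DENY_CHILDREN, DENY_RATE, DENY_IP_RATE };

struct peer { uint32_t ip; long minute; int count; };

struct service {                 /* a limit of 0 means "unlimited" */
    int max_child, max_per_min, max_per_ip_per_min;
    int children;                /* invocations currently running */
    long minute;                 /* fixed one-minute window in use */
    int count;                   /* invocations admitted in that window */
    struct peer peers[MAX_PEERS];
};

/* Decide whether a new connection from `ip` at `now` (seconds) may spawn. */
enum verdict admit(struct service *s, uint32_t ip, long now)
{
    long minute = now / 60;
    struct peer *p = NULL, *spare = NULL;

    if (s->minute != minute) { s->minute = minute; s->count = 0; }
    if (s->max_child && s->children >= s->max_child) return DENY_CHILDREN;
    if (s->max_per_min && s->count >= s->max_per_min) return DENY_RATE;

    for (size_t i = 0; i < MAX_PEERS && p == NULL; i++) {
        struct peer *q = &s->peers[i];
        if (q->count == 0 || q->minute != minute) { if (!spare) spare = q; }
        else if (q->ip == ip) p = q;          /* live entry for this source */
    }
    if (p == NULL) {
        if (spare == NULL) return DENY_IP_RATE;  /* table full: fail closed */
        p = spare; p->ip = ip; p->minute = minute; p->count = 0;
    }
    if (s->max_per_ip_per_min && p->count >= s->max_per_ip_per_min)
        return DENY_IP_RATE;

    p->count++; s->count++; s->children++;
    return ACCEPT;
}

/* Call when a spawned server process exits. */
void child_done(struct service *s) { if (s->children > 0) s->children--; }

int main(void) {                 /* constructed demo: one connection admitted */
    struct service s = { .max_child = 1 };
    return admit(&s, 0x0A000001, 0) == ACCEPT ? 0 : 1;
}
```

The per-IP counter is what keeps a single source from using up the per-minute budget that the other two limits share across all clients.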