[3812] in bugtraq
Re: Possible Denial of Service: SSH
daemon@ATHENA.MIT.EDU (Toomas Soome)
Wed Dec 18 12:38:26 1996
Date: Wed, 18 Dec 1996 11:30:42 +0200
Reply-To: Toomas Soome <tsoome@ut.ee>
From: Toomas Soome <tsoome@ut.ee>
X-To: "Sean B. Hamor" <hamors@litterbox.org>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <Pine.LNX.3.95.961217220208.255A-100000@litterbox.org>
On Tue, 17 Dec 1996, Sean B. Hamor wrote:
> I believe I may have found a possible denial of service attack for use
> against SSH. The attack requires an account on the target machine. I found
> this using the following setup:
>
lots deleted
>
> It seems that when my Windows 95 laptop establishes a connection to my Linux
> box via SSH and the PPP connection drops, all processes that were being
> controlled by the inbound SSH connection get zombied out. If I establish a
> connection and exit/drop the SSH connection, the Linux box recovers fine.
> This problem only occurs when the PPP connection drops.
>
There is a much simpler way to block sshd - just force sshd to ask for a password
at login time, now create a connection and let ssh wait for the password....
no one can log in with ssh (with or without password) during this wait
time.... tested with 1.2.17
toomas soome
--
Redistribution by Microsoft Network is prohibited.
PGP public key: http://www.cs.ut.ee/~tsoome/pgp.txt