[7956] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: ANNOUNCE: secure identd v0.3

daemon@ATHENA.MIT.EDU (Taral)
Wed Sep 16 21:36:15 1998

Date: 	Wed, 16 Sep 1998 18:22:37 -0500
Reply-To: Taral <taral@MAIL.UTEXAS.EDU>
From: Taral <taral@MAIL.UTEXAS.EDU>
X-To:         Wietse Venema <wietse@PORCUPINE.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <19980915171734.2F225457B1@spike.porcupine.org>

Actually, a secure box should run with RLIMIT_AS (Linux-ism?) set on all
daemons... I started using it on apache httpd to prevent the header-spam
DoS, but it seems like a good idea on all processes that shouldn't consume
much memory.

Taral

> -----Original Message-----
> Suggested fix: read a fixed-size read buffer from the network.  No
> reasonable ident query needs to be longer than a couple bytes for
> the two port numbers. When used in the right place, fixed-size
> buffers are beneficial to security.
>
>         Wietse
>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[7956] in bugtraq

Re: ANNOUNCE: secure identd v0.3

daemon@ATHENA.MIT.EDU (Taral)Wed Sep 16 21:36:15 1998

daemon@ATHENA.MIT.EDU (Taral)
Wed Sep 16 21:36:15 1998