Bugtraq mailing list archives
Re: CPSR #8: identd Denial of Service
From: jkatz () CPIO ORG (J. Joseph Max Katz)
Date: Mon, 4 Aug 1997 10:55:59 -0500
Howdy! This occurs when ident is being called from inetd-- with ANY "-w" time alotted. The OpenBSD default is -w60 or -w120, I tested it at -w40 and other settings. -Jon On Tue, 5 Aug 1997, Alan Brown wrote: :At 09:19 4/08/97 -0500, you wrote: :>Problem: :>A massive amount of ident requests causes the identd daemon to "spin" :>because the daemon does not correctly close the socket from the host :>that issues a request. This is due to a poorly implemented incantation :>of wait(). The improper code perpetuates the identd process and allows :>the process to hang, slowing system performance considerably. On average, :>2-3 spinning processes slow the system noticeably-- 10-15 make the system :>unusable. Bear in mind that this is all based on the speed of the system :>and the above numbers hold true for machines like a p5/100 with 32M of RAM. :>Simply "kill -9 (ident's PIDs)" fixes the problem if it occurs. : :Does this still apply when identd is called from inetd.conf wait -w -t120 :or run in daemon mode? : :AB : : :
Current thread:
- Re: CPSR #8: identd Denial of Service J. Joseph Max Katz (Aug 04)
- <Possible follow-ups>
- Re: CPSR #8: identd Denial of Service Phillip R. Jaenke (Aug 09)