Bugtraq mailing list archives
Re: News DoS using sendsys
From: dshaw () JABBERWOCKY COM (David Shaw)
Date: Thu, 27 Aug 1998 09:32:26 -0400
On Wed, Aug 26, 1998 at 03:52:58PM -0700, Russ Allbery wrote:
There are several possible solutions at different levels of complexity. First, please make sure that your control.ctl file or the equivalent has a line like: sendsys:*:*:drop
While you're at it, it might be worth adding: senduuname:*:*:drop version:*:*:drop I suspect that once everyone configures their server to stop responding to sendsys, the bombers will switch to senduuname and version. I have already seen a hundred "version" requests come in. Neither version nor senduuname are relevant to the overwhelming majority of INN installations out there. David -- David Shaw | dshaw () cs jhu edu | WWW http://www.cs.jhu.edu/~dshaw/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson
Current thread:
- Re: News DoS using sendsys Forrest J. Cavalier III (Aug 26)
- <Possible follow-ups>
- Re: News DoS using sendsys Scott Gifford (Aug 26)
- Re: News DoS using sendsys Russ Allbery (Aug 26)
- Re: News DoS using sendsys Andrew V. Kovalev (Aug 27)
- Re: News DoS using sendsys Charlesw (Aug 27)
- Re: News DoS using sendsys David Shaw (Aug 27)
- SV: SV: Serious Security Hole in Hotmail (URL to sourcecode) Jonathan James (Aug 27)
- Re: News DoS using sendsys Julian Cowley (Aug 27)
- Re: News DoS using sendsys Russ Allbery (Aug 27)
- Seyon Security Vulnerability SGI Security Coordinator (Aug 27)
- Re: Seyon Security Vulnerability Alan Cox (Aug 27)
- SECURITY: new nfs-server packages available (fwd) Alan Cox (Aug 27)
- Re: SECURITY: new nfs-server packages available (fwd) Paul Boehm (Aug 27)
- Cisco response re PIX fragmentation issue Cisco Product Security Incident Response Team (Aug 27)
- NFS fix - TurboLinux 2.0 Scott Stone (Aug 27)
- StackGuard-protected Linux and a New StackGuard Compiler Crispin Cowan (Aug 27)
- Re: News DoS using sendsys Andrew V. Kovalev (Aug 27)