Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: News DoS using sendsys

From: dshaw () JABBERWOCKY COM (David Shaw)
Date: Thu, 27 Aug 1998 09:32:26 -0400

On Wed, Aug 26, 1998 at 03:52:58PM -0700, Russ Allbery wrote:

There are several possible solutions at different levels of complexity.

First, please make sure that your control.ctl file or the equivalent has a
line like:

        sendsys:*:*:drop


While you're at it, it might be worth adding:

        senduuname:*:*:drop
        version:*:*:drop

I suspect that once everyone configures their server to stop responding to
sendsys, the bombers will switch to senduuname and version.  I have
already seen a hundred "version" requests come in.  Neither version nor
senduuname are relevant to the overwhelming majority of INN installations
out there.

David

--
    David Shaw  |  dshaw () cs jhu edu  |  WWW http://www.cs.jhu.edu/~dshaw/
+---------------------------------------------------------------------------+
   "There are two major products that come out of Berkeley: LSD and UNIX.
      We don't believe this to be a coincidence." - Jeremy S. Anderson
Previous By Date Next
Previous By Thread Next

Current thread: