Bugtraq mailing list archives

Re: FTP denial of service attack

From: antirez () INVECE ORG (antirez () INVECE ORG)
Date: Tue, 7 Dec 1999 19:17:37 +0100


On Tue, Dec 07, 1999 at 11:29:56PM +1100, Darren Reed wrote:

Who has more free file descriptors & network ports, you or the ftp server ?


Using raw sockets it's possible to simulate a lot of descriptors/open ports.
You just needs to drop outgoing RST in order to implement your
ftpd-dos-oriented TCP/IP micro-stack with a minimal memory requirement.
In a word: the attacker has more free file descriptors & network ports every
times the exploit just do a simple operation such USER/PASS authentication.
This isn't true only for this attack but for many others and results in the
ability to perform this kind of DoS against a very big server using little
resources.

antirez

Current thread:

Re: Big problem on linux 2.0, (continued)
- - - Re: Big problem on linux 2.0 Andrea Arcangeli (Dec 14)
    - HP-UX: Security Vulnerability in wu-ftp Aleph One (Dec 13)
- From the SCO Security Page Alfred Huger (Dec 06)
- w00giving #8] Solaris 2.7's snoop Aleph One (Dec 06)
  - Re: w00giving #8] Solaris 2.7's snoop Shane A. Macaulay (Dec 09)
  - Clarification needed on the snoop vuln(s) Alfred Huger (Dec 09)
- FTP denial of service attack Darren Reed (Dec 07)
  - Re: FTP denial of service attack Renaud Deraison (Dec 07)
    - FTP DoS - PORT and PASV effected. Darren Reed (Dec 07)
    - Re: FTP DoS - PORT and PASV effected. Henrik Nordstrom (Dec 09)
  - Re: FTP denial of service attack antirez () INVECE ORG (Dec 07)
  - Re: FTP denial of service attack Dustin Miller (Dec 07)
    - Re: FTP denial of service attack Hugo.van.der.Kooij () CAIW NL (Dec 08)
    - Re: FTP denial of service attack Paulo Licio de Geus (Dec 09)
    - [Debian] New version of htdig released Aleph One (Dec 10)
    - Fundamental flaw in UnixWare 7 security Brock Tellier (Dec 10)
    - Solaris sadmind Buffer Overflow Vulnerability Alfred Huger (Dec 10)
  - Re: FTP denial of service attack bert hubert (Dec 07)
    - Re: FTP denial of service attack antirez () INVECE ORG (Dec 09)
  - Re: FTP denial of service attack Henrik Nordstrom (Dec 07)
    - Re: FTP denial of service attack Darren Reed (Dec 07)

(Thread continues...)