Bugtraq mailing list archives
Re: local telnetd DoS
From: corrupt () SHELLX TICAL NET (Ray Barnes)
Date: Sat, 11 Sep 1999 19:11:18 -0400
On Fri, 10 Sep 1999, George wrote:
What this does is get the telnetd service kicked out by inetd..by using a similar method with numerous rapid connections, you can shut-down any tcp service running under inetd, ie. ftpd, identd, etc, just by connecting to the port each service is listening on. Until a fix is out, it might be wise to crontab a HUP to inetd every few minutes, so that if somebody takes out your telnet service, you can log back in eventually. George
Sounds like a good "best practice." I've found that a cron'ed HUP of inetd every 5 minutes is a must-have in the case of Slackware 3.2 with no packet filtering. It's been my experience that smurf attacks seem to lock up my inetd (tested on two boxes). Don't ask me why a smurf would have that effect ; perhaps some sort of odd interaction with the kernel? *shrug* In any event, a timed HUP is always helpful, at least in my case. Ray Barnes Tical Network Solutions, Inc.
Current thread:
- local telnetd DoS Zo0mer (Sep 07)
- Re: local telnetd DoS Chris Terry (Sep 10)
- Re: local telnetd DoS George (Sep 10)
- Re: local telnetd DoS Ray Barnes (Sep 11)
- Re: local telnetd DoS Signal 11 (Sep 10)
- Re: local telnetd DoS Henrik Nordstrom (Sep 11)
- <Possible follow-ups>
- Re: local telnetd DoS infernix (Sep 10)