Bugtraq mailing list archives
Re: inetd DoS exploit
From: Peter van Dijk <peter () DATALOSS NL>
Date: Tue, 27 Feb 2001 02:02:16 +0100
On Sun, Feb 25, 2001 at 07:26:07PM +0300, Serega[linux] wrote:
Name: inetd DoS exploit Author: Serega[Linux]
This is a *very* old and widely-known inetd DoS. It comes down making inetd's ratelimiting kick in. Recent inetd's (like the one that comes with FreeBSD) also have concurrencylimiting, which makes sense. Ratelimiting has never prevented a malicious client from crashing a server. inetd replacements like xinetd and tcpserver (http://cr.yp.to/ucspi-tcp.html) have real ratelimiting which preventes *real* problems, as opposed to inetd ratelimiting which actually only *creates* problems. Greetz, Peter.
Current thread:
- inetd DoS exploit Serega[linux] (Feb 26)
- Re: inetd DoS exploit Jose Nazario (Feb 27)
- Re: inetd DoS exploit David Malone (Feb 27)
- Re: inetd DoS exploit Charles M. Hannum (Feb 27)
- Re: inetd DoS exploit Peter Werner (Feb 27)
- Re: inetd DoS exploit Peter van Dijk (Feb 27)
- ratelimiting/concurrency limits both inadequate to stop TCP/IP DoS bert hubert (Feb 28)
- Re: inetd DoS exploit Jose Nazario (Feb 27)