Security Incidents mailing list archives
Re: stranger ftp kill
From: ofriedrichs () SECURITYFOCUS COM (Oliver Friedrichs)
Date: Tue, 27 Jun 2000 16:27:26 -0700
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
There is something called an "FTP bounce attack." This might very well have been the reason why the inetd server failed by looping.
FTP bounce doesn't involve opening multiple connections to the FTP server. It looks like from the log messages that someone was password grinding against the FTP server, or even worse, someone grinding for the right offsets to an overflow. Oliver -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com> iQA/AwUBOVk13Mm4FXxxREdXEQJH5gCfSPeZxZjWR+9Y0QEMdRj+viFch30Anj5H 0drhcHv8sVQ6gxFFCVxwuGAQ =3hWf -----END PGP SIGNATURE-----
Current thread:
- Re: stranger ftp kill Ralf G. R. Bergs (Jun 26)
- <Possible follow-ups>
- Re: stranger ftp kill Oliver Friedrichs (Jun 27)