Security Incidents mailing list archives

Re: stranger ftp kill

From: ofriedrichs () SECURITYFOCUS COM (Oliver Friedrichs)
Date: Tue, 27 Jun 2000 16:27:26 -0700


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

There is something called an "FTP bounce attack." This might
very well have
been the reason why the inetd server failed by looping.


FTP bounce doesn't involve opening multiple connections to the FTP
server.  It looks like from the log messages that someone was
password grinding against the FTP server, or even worse, someone
grinding for the right offsets to an overflow.

Oliver

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>

iQA/AwUBOVk13Mm4FXxxREdXEQJH5gCfSPeZxZjWR+9Y0QEMdRj+viFch30Anj5H
0drhcHv8sVQ6gxFFCVxwuGAQ
=3hWf
-----END PGP SIGNATURE-----

Current thread:

Re: stranger ftp kill Ralf G. R. Bergs (Jun 26)
- <Possible follow-ups>
- Re: stranger ftp kill Oliver Friedrichs (Jun 27)