Vulnerability Development mailing list archives

Re: Possible DoS against inetd in Solaris

From: Vitaly McLain <twistah () DATASURGE NET>
Date: Wed, 15 Nov 2000 22:16:59 -0600

I could be wrong but I think this is how it's supposed to behave. A feature
of inetd is that it will stop attacks like octopus.c which attempt to flood
a daemon with sockets, thus consuming its resources. When inetd decides a
'socket flood' is taking place, it will block hosts from connecting for a
specified ammount of time. Check your logs: inetd /should/ have logged
something about it refusing further connections.

Vitaly McLain
twistah () datasurge net
twistah @ OPN & EfNet
"If you don't turn on to politics, politics will turn on you."
       - Ralph Nader

Current thread:

Possible DoS against inetd in Solaris Alla Bezroutchko (Nov 16)
- Re: Possible DoS against inetd in Solaris Larry W. Cashdollar (Nov 16)
- Re: Possible DoS against inetd in Solaris Vitaly McLain (Nov 16)
- Re: Possible DoS against inetd in Solaris El Nahual (Nov 16)
  - Re: Possible DoS against inetd in Solaris Vitaly McLain (Nov 17)
    - Re: Possible DoS against inetd in Solaris El Nahual (Nov 17)
    - Re: Possible DoS against inetd in Solaris Larry W. Cashdollar (Nov 18)
    - Re: Possible DoS against inetd in Solaris El Nahual (Nov 18)
    - Re: Possible DoS against inetd in Solaris Alla Bezroutchko (Nov 17)
- Re: Possible DoS against inetd in Solaris Nursten, Scott (Nov 16)
- Re: Possible DoS against inetd in Solaris Massimo Fubini (Nov 20)
- <Possible follow-ups>
- Re: Possible DoS against inetd in Solaris Andre Monteiro (Nov 22)