Vulnerability Development mailing list archives
Re: Possible OpenSSH DoS Attack
From: Robert van der Meulen <rvdm () wiretrip org>
Date: Tue, 11 Dec 2001 03:42:23 +0100
Hi, Quoting Pedro Inacio (drbrain () phibernet org):
It seems to be a known problem ( http://www.snailbook.com/faq/libwrap-oops.auto.html ), but until now there is no patch available and this problem is present in all OpenSSH versions.
Do you get this problem both when running sshd from inetd and standalone? Opening up a big number of connections to the server starves out the number of available sockets, disallowing new connects. I can't think of an easy way to solve this, without using an external measure (such as a combination of --limit and --limit-burst iptables rules on linux). Greets, Robert -- Linux Generation encrypted mail preferred. finger rvdm () debian org for my GnuPG/PGP key. Insanity is hereditary. You get it from your kids.
Current thread:
- Possible OpenSSH DoS Attack Pedro Inacio (Dec 10)
- Re: Possible OpenSSH DoS Attack Josha Bronson (Dec 10)
- Re: Possible OpenSSH DoS Attack Robert van der Meulen (Dec 11)
- Re: Possible OpenSSH DoS Attack Jose Nazario (Dec 11)
- Re: Possible OpenSSH DoS Attack Markus Friedl (Dec 11)