Bugtraq mailing list archives

Re: Jul 9 08:06:03 all inetd[122]: httpd/tcp server failing

From: Kent.Fitch () its csiro au (Kent Fitch)
Date: Mon, 10 Jul 1995 12:33:34 +1000


On Sun, 9 Jul 1995, Dr. Frederick B. Cohen wrote:

      I was trying a loop test to stress performance on our secure W3
server and found that inetd under SunOS detects what it thinks to be
loops and shuts down all httpd services untill a kill -HUP is sent to
the inetd process.  How is this bug/feature controlled, and doesn't this
lead very directly to denial of services attacks?


Dunno about SUNOS, but in Linux at least inetd by default produces this
message and shuts down the service if it exceeds 40 transactions per minute.
This number can be changed on each service in the inetd.conf file by
appending the "nowait" or "wait" parameter with a dot and a max number -
eg,   "nowait.100" will allow up to 100 connections per minute before
inetd thinks something is looping

Kent Fitch                           Ph: +61 6 276 6711
ITSB   CSIRO  Canberra  Australia    kent.fitch () its csiro au
"Only a person of great faith can afford to be a skeptic"  FW Nietzsche

Current thread:

Re: Exploit for Linux wu.ftpd hole, (continued)
- - - Re: Exploit for Linux wu.ftpd hole Mike Edulla (Jul 08)
  - Re: Exploit for Linux wu.ftpd hole Timothy Newsham (Jul 05)
  - Linux FIOSETOWN ioctl hole Marek Michalkiewicz (Jul 06)
  - Re: Exploit for Linux wu.ftpd hole Darren Reed (Jul 06)
  - Re: Exploit for Linux wu.ftpd hole Marc W. Mengel (Jul 06)
    - Re: Exploit for Linux wu.ftpd hole Mike Edulla (Jul 08)
    - web site Aleph One (Jul 07)
    - Jul 9 08:06:03 all inetd[122]: httpd/tcp server failing Dr. Frederick B. Cohen (Jul 09)
    - Re: Jul 9 08:06:03 all inetd[122]: httpd/tcp server failing Darren Reed (Jul 09)
    - updated-secure-w#-daemons Dr. Frederick B. Cohen (Jul 09)
    - Re: Jul 9 08:06:03 all inetd[122]: httpd/tcp server failing Kent Fitch (Jul 09)
    - Re: Jul 9 08:06:03 all inetd[122]: httpd/tcp server failing Casper Dik (Jul 10)
    - Re: Jul 9 08:06:03 all inetd[122]: httpd/tcp server failing Ken Wilcox (Jul 11)
    - Exploit+fix for Linux SIGURG Marek Michalkiewicz (Jul 11)
    - The FTP Bounce Attack *Hobbit* (Jul 11)
    - Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Henri Karrenbeld (Jul 12)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Marek Michalkiewicz (Jul 12)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) James Seng (Jul 12)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Henri Karrenbeld (Jul 12)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Aleph One (Jul 13)
    - Re: Security Problem ftpd (includes wu.ftpd 2.4 and 2.4.2 beta 4) Jeremy Fitzhardinge (Jul 13)

(Thread continues...)