Bugtraq mailing list archives
Re: denial of service attack possible
From: darrell () teleport com (Darrell Fuhriman)
Date: Fri, 27 Oct 1995 09:53:18 -0700
On Fri, 27 Oct 1995, Mark Thomas wrote:
If anyone has any more specifics on this problem, please let me know. When the server is healthy netstat indicates a couple SYN_RCVD state services, but they never last from one netstat command to another for the same remote IP.
SunOS 4.1.4 only allows five listen()s to be quueud up per port. (You can put any number in the function call it's quietly set to five anyway.) Solaris 2.4 allows 32 queued, 2.5 will allow 1024. Don't expect Sun to be doing anything with 4.1.4 to fix it though. It's hard enough to get a syslog patch out of them. :( One possible way to fix it, is to try turning on SO_KEEPALIVE, and turning down tcp_keepintvl in the kernel (150 seconds is default). No guarantees though. Darrell Fuhriman
Current thread:
- Re: Sendmail 8.7, 8.7.1, (continued)
- Re: Sendmail 8.7, 8.7.1 SnoCrash (Oct 10)
- Re: Sendmail 8.7, 8.7.1 Andrew Cameron (Oct 10)
- Netscape problems (again)... Jay 'Whip' Grizzard (Oct 10)
- s-bits disappear ? Bernd Lehle (Oct 11)
- Re: s-bits disappear ? Neil Readwin (Oct 12)
- Sun's Loadmodule Patch Neil Woods (Oct 18)
- FW: WinNews Special Issue Scott Chasin (Oct 22)
- SunOS 5.5 Beta Aleph One (Oct 24)
- denial of service attack possible Mark Thomas (Oct 26)
- Re: denial of service attack possible Darren Reed (Oct 27)
- Re: denial of service attack possible Darrell Fuhriman (Oct 27)
- Re: denial of service attack possible Tom Fitzgerald (Oct 27)
- Re: denial of service attack possible Michael R. Widner (Oct 27)
- Re: denial of service attack possible Nathan Lawson (Oct 27)