Bugtraq mailing list archives

DOS against SuSE's identd


From: peter () IFM LIU SE (Peter Eriksson)
Date: Tue, 17 Aug 1999 10:56:46 +0200


Hendrik Scholz <hendrik () SCHOLZ NET> writes:

The inetd.conf starts the identd with the options -w -t120 -e.
This means that one identd process waits 120 seconds after
answering the first request to answer later requests.
Let's say we start 100 requests in a short period.
Due to the fact that it takes time to answer one request
more identd's will be started each eating up about 900kb
memory and waiting 120 seconds before terminating.
I tested this behaviour on different machines with different
hardware (RAM, Swap, NIC).
Each machine becomes unusable after some seconds.
This bug is in _every_ SuSE Version at least since 4.4.
SuSE seems not to be interested in this bug because they
did not answer any of my mails.

This bug is probably due to some incompatibility between
SuSE's inetd daemon's handling of 'stream tcp' & 'wait' servers
and the way Pidentd expects it to be handled.

The "normal" (as normal as it can be since 'stream tcp wait'
normally is not a supported configuration) thing that should
happen is that Inetd should start _one_ Pidentd, which then
should handle all new requests in sub-processes, which should
die immediately after the request has been handled. In the SuSE
case it seems (my guess) that Inetd keeps on starting new
Pidentd's...

Anyway, I nowadays _generally_ recommend people to stay away from
the "-w" stuff in Pidentd due to the problems with the behaviours
of various Inetd implementations...

I recommend instead that people get the latest version of Pidentd
(version 3.0.7 as of this writing), which uses multithreading instead
of forking subprocesses - this can reduce the load on systems
significantly.

Pidentd 3.0.7 (and later) can be downloaded from:

        ftp://ftp.lysator.liu.se/pub/ident/servers

Here's the PGP Signature of that file:

/Peter (The Pidentd author)
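
A check for the inetd.conf setup discussed in this message, as an added example that is not part of the original post and is not Pidentd or SuSE code: it flags ident entries that use `stream tcp wait`, `-w` or a `-t` linger time. The sample file, user and server path are constructed assumptions; only the options `-w -t120 -e` come from the message.

```python
from typing import List, NamedTuple

IDENT_SERVICES = {"auth", "ident"}  # usual /etc/services names for 113/tcp

# Constructed sample; user and server path are assumptions, the identd
# options are the ones quoted in the message.
SAMPLE_INETD_CONF = """\
ftp   stream tcp nowait root   /usr/sbin/tcpd      in.ftpd
auth  stream tcp wait   root   /usr/sbin/in.identd in.identd -w -t120 -e
#auth stream tcp nowait nobody /usr/sbin/in.identd in.identd
"""


class Finding(NamedTuple):
    line_no: int
    service: str
    reasons: List[str]


def audit_ident_entries(conf_text: str) -> List[Finding]:
    """Flag ident entries that rely on inetd 'wait' semantics."""
    findings = []
    for line_no, raw in enumerate(conf_text.splitlines(), start=1):
        fields = raw.split()
        # Skip blanks, comments and lines too short to be a service entry.
        if len(fields) < 6 or fields[0].startswith("#"):
            continue
        service, sock_type, proto, wait_flag = fields[:4]
        if service not in IDENT_SERVICES:
            continue
        options = fields[7:]  # fields[5] = server path, fields[6] = argv[0]
        reasons = []
        # The flag may carry a rate suffix such as "wait.40" on some inetds.
        if sock_type == "stream" and proto.startswith("tcp") \
                and wait_flag.split(".")[0] == "wait":
            reasons.append("stream tcp entry uses 'wait'")
        if "-w" in options:
            reasons.append("identd started with -w")
        for opt in options:
            if opt.startswith("-t") and opt[2:].isdigit():
                reasons.append(f"idle process lingers {opt[2:]}s (-t)")
        if reasons:
            findings.append(Finding(line_no, service, reasons))
    return findings


if __name__ == "__main__":
    for f in audit_ident_entries(SAMPLE_INETD_CONF):
        print(f"line {f.line_no} ({f.service}): " + "; ".join(f.reasons))
```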

