Re: DOS against SuSE's identd

[sarnold () WILLAMETTE EDU (Seth R Arnold)]

Hendrik (and other posters), when finding similar problems in SuSE or other
products, you may also wish to post to the related-product security list,
such as such as suse-security () suse com. Not all who use a product read bugtraq, many
read only the list specific to themselves. (their loss perhaps. :)

Thanks

On Sat, Aug 14, 1999 at 08:29:48PM -0000, Hendrik Scholz wrote:
> Hi!
>
> The inetd.conf starts the identd with the options -w -t120
> -e.
> This means that one identd process waits 120 seconds after
> answering the first request to answer later request.
> Lets say we start 100 requests in a short period.
> Due to the fact that it takes time to answer one request
> more identd's will be started each eating up about 900kb
> memory and waiting 120 seconds before terminating.
> I tested this behaviour on different machines with different
> hardware (RAM, Swap, NIC).
> Each machine becomes unusable after some seconds.
> This bug is in _every_ SuSE Version at least since 4.4.
> SuSE seems not to be interested in this bug becaus they
> did not answer any of my mails.
>
> CU, Hendrik

--
Seth Arnold | ICQ 3172483 | http://cswww.willamette.edu/~sarnold/
I prosecute unsolicited bulk emails, using the RealTime BlackHole
List. You should too. Ask me how, or visit http://maps.vix.com/rbl/