Bugtraq mailing list archives

Re: inetd DoS exploit

From: Peter van Dijk <peter () DATALOSS NL>
Date: Tue, 27 Feb 2001 02:02:16 +0100

On Sun, Feb 25, 2001 at 07:26:07PM +0300, Serega[linux] wrote:

Name:  inetd DoS exploit
Author: Serega[Linux]


This is a *very* old and widely-known inetd DoS. It comes down making
inetd's ratelimiting kick in. Recent inetd's (like the one that comes
with FreeBSD) also have concurrencylimiting, which makes sense.
Ratelimiting has never prevented a malicious client from crashing a
server.

inetd replacements like xinetd and tcpserver
(http://cr.yp.to/ucspi-tcp.html) have real ratelimiting which
preventes *real* problems, as opposed to inetd ratelimiting which
actually only *creates* problems.

Greetz, Peter.

Current thread:

inetd DoS exploit Serega[linux] (Feb 26)
- Re: inetd DoS exploit Jose Nazario (Feb 27)
  - Re: inetd DoS exploit David Malone (Feb 27)
  - Re: inetd DoS exploit Charles M. Hannum (Feb 27)
- Re: inetd DoS exploit Peter Werner (Feb 27)
- Re: inetd DoS exploit Peter van Dijk (Feb 27)
  - ratelimiting/concurrency limits both inadequate to stop TCP/IP DoS bert hubert (Feb 28)