Bugtraq mailing list archives
Re: Dropbear SSH server Denial of Service
From: Damien Miller <djm () mindrot org>
Date: Sat, 11 Mar 2006 13:51:47 +1100 (EST)
On Fri, 10 Mar 2006, Matt Johnston wrote:
Dropbear 0.48 mitigates this issue by having a per-IP limit as well as a global limit - this will at least prevent an IP-deprived attacker from denying service. It's worth noting that various other network services (such as netkit-inetd and OpenSSH) have the same design issues, at least in default configurations.
OpenSSH has had connection-flood DoS mitigation since 2000, in the form of random early drop of connections so legitimate users have a probabalistic change of getting in. See the "MaxStartups" documentation in sshd_config(5) -d
Current thread:
- Dropbear SSH server Denial of Service Pablo Fernandez (Mar 07)
- Re: Dropbear SSH server Denial of Service Matt Johnston (Mar 10)
- Re: Dropbear SSH server Denial of Service Damien Miller (Mar 11)
- <Possible follow-ups>
- Re: Dropbear SSH server Denial of Service il80r (Mar 10)
- Re: Dropbear SSH server Denial of Service Matt Johnston (Mar 10)