Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Which DoS ? [Updated]

From: patrick () PINE NL (Patrick Oonk)
Date: Sat, 17 Jun 2000 00:57:05 +0200

On Fri, Jun 16, 2000 at 02:10:35AM -0400, Eric LeBlanc wrote:

Hello,

thanks for reponses! but I have ONE reponse explain all:

------
From: "Lee Monamy" <lee.monamy () home com>

I think this may be the superforker DoS attack from www.rootshell.com

Lee

(thanks Lee!)
-----

cracked (customer in IGT.NET (yes, it's a compagny)), use superforker
for crash this server. this account is obsoulivy revoked. It's not a hack,
or rooted.

I tested superforker.c on my test machine, and I have same things in
/tmp.  My box (test machine) crash many times hehe.

but... I have one question: What the workaround for that?

I have one workaround: quota in /tmp, but superforker use the CPU and RAM
100%... result: overloading ressources, and crash.

Any solutions?


FreeBSD and classes:

     login.conf contains various attributes and capabilities of login classes.
     A login class (an optional annotation against each record in the user ac-
     count database, /etc/master.passwd) determines session accounting, re-
     source limits and user environment settings.  It is used by various pro-
     grams in the system to set up a user's login environment and to enforce
     policy, accounting and administrative restrictions.  It also provides the
     means by which users are able to be authenticated to the system and the
     types of authentication available.

--
 Patrick Oonk -  PO1-6BONE -  patrick () pine nl -  www.pine.nl/~patrick
 Pine Internet - PAT31337-RIPE - PGPkeyID BE7497F1 - XOIP+31208723350
 Tel: +31-70-3111010  -   Fax: +31-70-3111011   -  http://security.nl
 PGP   fingerprint   A6 12 66 7F 22 84 1B E5  73 8C 99 F7 17 7B A3 98
 Excuse of the day: electromagnetic radiation from satellite
 debris
Previous By Date Next
Previous By Thread Next

Current thread: