Bug 14687 - Denial of Service attack on 6.2
Denial of Service attack on 6.2
Status: CLOSED DUPLICATE of bug 14876
Product: Red Hat Linux
Classification: Retired
Component: inetd (Show other bugs)
6.2
i386 Linux
high Severity medium
: ---
: ---
Assigned To: Jeff Johnson
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-07-26 18:09 EDT by Need Real Name
Modified: 2008-05-01 11:37 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-07-26 18:09:56 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Need Real Name 2000-07-26 18:09:54 EDT
> Hi,
> 
> I may have discovered a bug in Redhat 6.2 (only) which could be used for
> a successful Denial Of Service attack.
> 
> Using the services "time" or "daytime" - which under 6.2 inetd.conf are
> both internal services - you can create a tcp connection that remains in
> the CLOSE_WAIT state. For example:
> 
> nc host.to.be.attacked.com 37
> 
> (telnet can also be used)
> 
> will return a binary value and then hang. Hit ^C and repeat.
> 
> Each one of these will leave a tcp connection in the CLOSE_WAIT state on
> the attacked host and no tcp connection on the attacking host.
> 
> After doing enough of these you can create enough tcp sessions on the
> attacked host so that any further tcp connections are no longer
> possible. This seems to only work on 6.2 and also requires time or
> daytime to be uncommented in /etc/inetd.conf.
> 
> I cannot find an existing patch for this and I thought it serious enough
> to bring to your attention and hopefully have a fast fix created by
> Redhat.
> 
> Thanks
> 
> Jim Palfreyman
> 
> Telstra - Networking Tasmania.
> 
>
Comment 1 Jeff Johnson 2000-08-01 17:34:43 EDT

*** This bug has been marked as a duplicate of 14876 ***

Note You need to log in before you can comment on or make changes to this bug.