Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.
Bug 49122 - looping protection a route to DOS
looping protection a route to DOS
Product: Red Hat Linux
Classification: Retired
Component: xinetd (Show other bugs)
i686 Linux
medium Severity medium
: ---
: ---
Assigned To: Trond Eivind Glomsrxd
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2001-07-13 23:06 EDT by ae
Modified: 2007-04-18 12:34 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-07-16 15:48:12 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description ae 2001-07-13 23:06:59 EDT
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.4.2-2smp i686; Nav)

Description of problem:
Defaults (10 connections per second) not adequate for tftpd (for me at
least). Real problem,
however is that services that trigger the looping protection are shut down
permanently ---
thus a DOS.  Suggest xinetd.conf  say "cps = 10 5" so that looping
protestion is temporary.

How reproducible:

Steps to Reproduce:
1.  edit /etc/xinetd.d/tftp to enable
2.  boot many X terminals at once
3.  suspect problem is general, so any coordinated activity will do.

Actual Results:  tftpd stops serving, see /var/log/messages --
tftp service was deactivated because of looping

tftpd service outage is permanent.

Additional info:

recommend make these service outages temporary
through use of cps with TWO parameters, such as "cps = 10 10"
Comment 1 Trond Eivind Glomsrxd 2001-07-16 15:48:07 EDT
It's not specified at all right now...

I'm not sure whether we want to change this or not. Of course, it's always
possible for the admin to do it if it is wanted.
Comment 2 Trond Eivind Glomsrxd 2001-08-23 22:33:36 EDT
Added in 2.3.0-7 and above (higher threshold, though)

Note You need to log in before you can comment on or make changes to this bug.