Bug 9810 - ftp DoS attack
ftp DoS attack
Status: CLOSED WORKSFORME
Product: Red Hat Linux
Classification: Retired
Component: inetd (Show other bugs)
6.2
All Linux
medium Severity high
: ---
: ---
Assigned To: Jeff Johnson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-02-27 06:20 EST by Leonid Kanter
Modified: 2008-05-01 11:37 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-05-15 07:52:28 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Leonid Kanter 2000-02-27 06:20:14 EST
Any script kiddie may stop ftp service on any RedHat-based box using
diewa170.exe from http://neworder.box.sk/showme.php3?id=1465. inetd stop
service with message:

Feb 27 12:48:37 myhost inetd[2548]: ftp/tcp server failing (looping),
service terminated

for 10 minutes. After 10 minutes, the above mentioned script kiddie may use
his tool again and again, so ftp service will not be available for long
time until admin discover it and install firewall rule.

Possible solution may be using xinetd with per_source=5 instead of inetd,
as in TurboLinux. Good reason for bugtraq discussion and errata update,
isn't it?
Comment 1 Jeff Johnson 2000-08-11 13:29:09 EDT
xinted is in Red Hat 7.0, that should help dealing with DoS attacks.

Note You need to log in before you can comment on or make changes to this bug.