Red Hat Bugzilla – Bug 9810
ftp DoS attack
Last modified: 2008-05-01 11:37:54 EDT
Any script kiddie may stop ftp service on any RedHat-based box using
diewa170.exe from http://neworder.box.sk/showme.php3?id=1465. inetd stop
service with message:
Feb 27 12:48:37 myhost inetd: ftp/tcp server failing (looping),
for 10 minutes. After 10 minutes, the above mentioned script kiddie may use
his tool again and again, so ftp service will not be available for long
time until admin discover it and install firewall rule.
Possible solution may be using xinetd with per_source=5 instead of inetd,
as in TurboLinux. Good reason for bugtraq discussion and errata update,
xinted is in Red Hat 7.0, that should help dealing with DoS attacks.