Bugtraq mailing list archives
Re: FTP denial of service attack
From: antirez () INVECE ORG (antirez () INVECE ORG)
Date: Thu, 9 Dec 1999 11:17:13 +0100
On Tue, Dec 07, 1999 at 10:40:09PM +0100, bert hubert wrote:
The free unixes these days mostly come with packet filtering available by default, these might be best off. One could imagine a 'libfilter' which would easily allow daemons with the right permissions/capabilities to instruct the kernel to not accept connections anymore from a certain host.
Also, as observed by Pancrazio De Mauro, there is no reason to know the client IP only after we accept(2) the connection. The SYN packet contains the IP address, so it's possible to implement, for example, an accept2 that returns just after the SYN was received, so we can obtain the IP address and then use accept2_reset() to RST or accept2_ok() to follow the three-way handshake. Since this can be implemented using a new syscall, API compatibility is preserved, but this seems a lot better than modifying firewalling rules on the fly.

antirez
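For contrast with the accept2 idea in the message above, here is what a daemon can do with the existing accept(2) interface, as an added example that is not part of the original post: the peer address is only available once the handshake has completed, so an over-limit client is aborted with a RST afterwards. The names `host_admit`, `host_release` and `accept_limited`, the table size and the per-host limit are hypothetical, and an IPv4 listening socket is assumed.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>
#include <unistd.h>

#define MAX_HOSTS 64    /* assumed table size */
#define MAX_PER_HOST 3  /* assumed per-client connection limit */

struct host_slot { in_addr_t addr; int open; };
static struct host_slot hosts[MAX_HOSTS];

/* Count a new connection from addr; returns 1 if admitted, 0 if over the limit. */
int host_admit(in_addr_t addr) {
    struct host_slot *spare = NULL;
    for (int i = 0; i < MAX_HOSTS; i++) {
        if (hosts[i].open > 0 && hosts[i].addr == addr) {
            if (hosts[i].open >= MAX_PER_HOST) return 0;
            hosts[i].open++;
            return 1;
        }
        if (hosts[i].open == 0 && !spare) spare = &hosts[i];
    }
    if (!spare) return 0;  /* table full: fail closed */
    spare->addr = addr;
    spare->open = 1;
    return 1;
}

/* Call with the peer address when an admitted connection is closed. */
void host_release(in_addr_t addr) {
    for (int i = 0; i < MAX_HOSTS; i++)
        if (hosts[i].open > 0 && hosts[i].addr == addr) { hosts[i].open--; return; }
}

/* Accept one connection on lfd. The handshake is already complete when the
 * peer address becomes visible; refused peers get an abortive close (RST). */
int accept_limited(int lfd) {
    struct sockaddr_in peer;
    socklen_t len = sizeof peer;
    int fd = accept(lfd, (struct sockaddr *)&peer, &len);
    if (fd < 0) return -1;
    if (host_admit(peer.sin_addr.s_addr)) return fd;
    struct linger lg = { .l_onoff = 1, .l_linger = 0 };
    setsockopt(fd, SOL_SOCKET, SO_LINGER, &lg, sizeof lg);
    close(fd);  /* linger 0: the kernel sends RST instead of FIN */
    return -1;
}

int main(void) { return host_admit(inet_addr("192.0.2.10")) ? 0 : 1; }  /* constructed address */
```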