Bugtraq mailing list archives

Re: local telnetd DoS


From: corrupt () SHELLX TICAL NET (Ray Barnes)
Date: Sat, 11 Sep 1999 19:11:18 -0400


On Fri, 10 Sep 1999, George wrote:

What this does is get the telnetd service kicked out by inetd. By using a
similar method with numerous rapid connections, you can shut down any tcp
service running under inetd, i.e. ftpd, identd, etc., just by connecting to
the port each service is listening on. Until a fix is out, it might be
wise to crontab a HUP to inetd every few minutes, so that if somebody
takes out your telnet service, you can log back in eventually.

George

Sounds like a good "best practice."  I've found that a cron'ed HUP of
inetd every 5 minutes is a must-have in the case of Slackware 3.2 with no
packet filtering.  It's been my experience that smurf attacks seem to lock
up my inetd (tested on two boxes).  Don't ask me why a smurf would have
that effect; perhaps some sort of odd interaction with the kernel?
*shrug*  In any event, a timed HUP is always helpful, at least in my
case.

Ray Barnes
Tical Network Solutions, Inc.
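
One way to narrow the timed HUP discussed in this thread, as an added example that is not from either poster: a cron-run shell script that sends inetd a HUP only after inetd has logged that it terminated a service. The log wording ("server failing (looping), service terminated"), the pid file and log file paths, and the state file name are assumptions; the sample log lines are constructed.

```shell
#!/bin/sh
# Added example: HUP inetd from cron only when it has logged that it
# terminated a service. Paths and the log wording are assumptions; check
# them against your own inetd and syslog configuration.
INETD_PIDFILE="${INETD_PIDFILE:-/var/run/inetd.pid}"     # assumed path
INETD_LOG="${INETD_LOG:-/var/log/messages}"              # assumed path
STATE_FILE="${STATE_FILE:-/var/run/inetd-watch.offset}"  # hypothetical name

# Read syslog lines on stdin; print each "service/proto" inetd gave up on.
looping_services() {
    sed -n 's|.*inetd\[[0-9]*]: \([^ ]*/[^ ]*\) server failing (looping), service terminated.*|\1|p' |
        sort -u
}

# Print services terminated since the previous run. $1 = log, $2 = state file.
new_looping_services() {
    last=$(cat "$2" 2>/dev/null) || last=0
    case "$last" in ''|*[!0-9]*) last=0 ;; esac      # missing or corrupt state
    total=$(( $(wc -l < "$1") ))
    if [ "$total" -lt "$last" ]; then last=0; fi     # log was rotated
    echo "$total" > "$2"
    tail -n +"$((last + 1))" "$1" | looping_services
}

# Send SIGHUP to the pid recorded in the pid file, refusing non-numeric content.
hup_inetd() {
    pid=$(cat "$INETD_PIDFILE" 2>/dev/null) || return 1
    case "$pid" in ''|*[!0-9]*) return 1 ;; esac
    kill -HUP "$pid"
}

# Constructed sample syslog lines (not taken from a real host).
sample_log() {
    cat <<'EOF'
Sep 11 19:02:11 host inetd[112]: telnet/tcp server failing (looping), service terminated
Sep 11 19:02:40 host in.ftpd[901]: connection from 192.0.2.7
Sep 11 19:03:05 host inetd[112]: ftp/tcp server failing (looping), service terminated
Sep 11 19:03:06 host inetd[112]: telnet/tcp server failing (looping), service terminated
EOF
}

# Cron entry point: act only when new "service terminated" lines appeared.
if [ "${1:-}" = "--cron" ]; then
    hit=$(new_looping_services "$INETD_LOG" "$STATE_FILE")
    if [ -n "$hit" ]; then
        logger -t inetd-watch "HUP inetd, terminated: $(echo $hit)"
        hup_inetd
    fi
fi
```

Run it from root's crontab with the `--cron` argument at the interval you would otherwise use for the unconditional HUP; the resulting `inetd-watch` syslog entries also give a record of how often services are being knocked out.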

