Bugtraq mailing list archives
socket buffer DoS/administrative limits (fwd)
From: green () FREEBSD ORG (Brian F. Feldman)
Date: Fri, 17 Sep 1999 12:35:50 -0400
---------- Forwarded message ---------- Date: Fri, 17 Sep 1999 12:32:01 -0400 (EDT) From: Brian F. Feldman <green () FreeBSD ORG> To: hackers () FreeBSD ORG Subject: socket buffer DoS/administrative limits Yes folks, it's that time again: time for more administrative limits! I've worked out a resource limit (for FreeBSD in this case, but not non-portable) which allows prevention of DoS by mbuf starvation. Others are working on making the networking code more resilient, while this is a general resource limit which can be used in any case. I've chosen the name "sbsize" (RLIMIT_SBSIZE) for this. Here's what happens with the limit in action (note that the pdksh in use has been patched to include the ulimit): {"/home/green"}$ ulimit -b 2000000 ; ulimit -a | grep sbsize sbsize(bytes) 2000000 {"/home/green"}$ ./testsockbuf socketpair: No buffer space available 14 sockets had been allocated And another DoS attempt has been foiled with administrative limits :) I'm sorry for not having something working sooner, but I ran into the problem of my KASSERT() being tripped, which ended up being caused by me not grokking an evil local define (look for "#define (snd|rcv) "...) correctly. After fixing that, everything is wonderful. The patch, which applies to FreeBSD 4.0-CURRENT, and should be easily portable or backportable, can be found at: http://www.FreeBSD.org/~green/sbsize4.patch -- Brian Fundakowski Feldman \ FreeBSD: The Power to Serve! / green () FreeBSD org `------------------------------' To Unsubscribe: send mail to majordomo () FreeBSD org with "unsubscribe freebsd-hackers" in the body of the message
Current thread:
- Microsoft Security Bulletin (MS99-037), (continued)
- Microsoft Security Bulletin (MS99-037) Aleph One (Sep 25)
- Internet Explorer 5.0 & AOL Instant Messenger 3.x (latest version) Bug forcing Win98 to crash remotely webmaster (Sep 22)
- Re: Internet Explorer 5.0 & AOL Instant Messenger 3.x (latest version) Bug forcing Win98 to crash remotely Peter Haglund (Sep 24)
- Re: More fun with WWWBoard Vladimir Dubrovin (Sep 21)
- SCO 5.0.x scosession local exploit Brock Tellier (Sep 22)
- Re: More fun with WWWBoard Ben Laurie (Sep 23)
- SuSE 6.2 sccw overflow exploit Brock Tellier (Sep 23)
- Security Bulletins Digest Aleph One (Sep 20)
- Microsoft Security Bulletin (MS99-038) Aleph One (Sep 20)
- FreeBSD Security Advisory: FreeBSD-SA-99:06.amd Aleph One (Sep 20)
- socket buffer DoS/administrative limits (fwd) Brian F. Feldman (Sep 17)
- A few bugs... Tymm Twillman (Sep 17)
- Re: A few bugs... Olaf Kirch (Sep 20)