Bugtraq mailing list archives
Re: remote DoS against inetd and ssh
From: stas () SONET CRIMEA UA (Stas Kisel)
Date: Thu, 23 Sep 1999 09:01:43 +0400
Sorry for old news - but there is no still any patch against this DoS on an official ssh site.
From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU> yeah, i noted this to the ssh development team in march, 1999. this was under version 1.2.26, and then 1.2.27 came out and there was no fix for it. i didn't BUGTRAQ it as i find such info without a real fix to be irresponsible. my coding sucks and i haven't been able to get my MaxClients parameter to work in sshd. this would then be analogous to that found in the apache web server. my incomplete code diffs are available to anyone who wants to make it work, i get errors when it forks the child process to handle the socket.
Unofficial quick patch is on http://sonet.crimea.ua/sshd_patch/ Limits max connections from the same IP and max number of children (I didn't played with accept()/SYN/spoofing things - so last parameter may be more relevant). Parameters are hardcoded ("keep it simple, stupid" in mind). -- Stas Kisel. UNIX, security, C, TCP/IP, Web. UNIX - the best adventure game http://www.tekmetrics.com/transcript.shtml?pid=20053 http://www.crimea.edu +380(652)510222,230238 ; stas () crimea edu stas () sonet crimea ua ; 2:460/54.4
Current thread:
- remote DoS against inetd and ssh Grzegorz Stelmaszek (Sep 02)
- Re: remote DoS against inetd and ssh Jedi/Sector One (Sep 08)
- Re: remote DoS against inetd and ssh Derek Callaway (Sep 08)
- Re: remote DoS against inetd and ssh Vincent Janelle (Sep 08)
- <Possible follow-ups>
- Re: remote DoS against inetd and ssh Alexander Boutkhoudze (Sep 07)
- Re: remote DoS against inetd and ssh Jose Nazario (Sep 08)
- Re: remote DoS against inetd and ssh Stas Kisel (Sep 22)