Bugtraq mailing list archives

Re: remote DoS against inetd and ssh

From: stas () SONET CRIMEA UA (Stas Kisel)
Date: Thu, 23 Sep 1999 09:01:43 +0400


Sorry for old news - but there is no still any patch against this DoS
on an official ssh site.

From: Jose Nazario <jose () BIOCSERVER BIOC CWRU EDU>

yeah, i noted this to the ssh development team in march, 1999. this was
under version 1.2.26, and then 1.2.27 came out and there was no fix for
it. i didn't BUGTRAQ it as i find such info without a real fix to be
irresponsible. my coding sucks and i haven't been able to get my
MaxClients parameter to work in sshd. this would then be analogous to that
found in the apache web server. my incomplete code diffs are available to
anyone who wants to make it work, i get errors when it forks the child
process to handle the socket.


Unofficial quick patch is on http://sonet.crimea.ua/sshd_patch/
Limits max connections from the same IP and max number of children
(I didn't played with accept()/SYN/spoofing things - so last
parameter may be more relevant).
Parameters are hardcoded ("keep it simple, stupid" in mind).

--
Stas Kisel. UNIX, security, C, TCP/IP, Web. UNIX - the best adventure game
http://www.tekmetrics.com/transcript.shtml?pid=20053 http://www.crimea.edu
+380(652)510222,230238 ; stas () crimea edu stas () sonet crimea ua ; 2:460/54.4

Current thread:

remote DoS against inetd and ssh Grzegorz Stelmaszek (Sep 02)
- Re: remote DoS against inetd and ssh Jedi/Sector One (Sep 08)
- Re: remote DoS against inetd and ssh Derek Callaway (Sep 08)
- Re: remote DoS against inetd and ssh Vincent Janelle (Sep 08)
- <Possible follow-ups>
- Re: remote DoS against inetd and ssh Alexander Boutkhoudze (Sep 07)
- Re: remote DoS against inetd and ssh Jose Nazario (Sep 08)
  - Re: remote DoS against inetd and ssh Stas Kisel (Sep 22)