SSH can be semi DOS'ed

["R. DuFresne" <dufresne () sysinfo com>]

Folks,

Seems at least older versions of ssh <ssh-1.2.17> can be somewhat DOS'ed,
at least when not compiled with libwrap.a supporyt when the system is
locked down with tcpd to all but a few allowed hosts.  The Key is for the
attacker to telnet to the ssh port, enter a few returns or something, then
close the telnet connections.  This leaves the Recv-Q with and the
connection in a CLOSE_WAIT state that does not seem to abate, even over
long periods of time.  The reason it is only a partial DOS is that
connections can be still made to the outside, but, incoming connections,
even from sites allowed via tcpd will hang with a Recv-Q of at least 1 and
again a connection state at CLOSE_WAIT.

Anyone else notice this with later versions of ssh? How about ssh2?

Thanks,

Ron DuFresne
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
        admin & senior consultant:  darkstar.sysinfo.com
                  http://darkstar.sysinfo.com

"Cutting the space budget really restores my faith in humanity.  It
eliminates dreams, goals, and ideals and lets us get straight to the
business of hate, debauchery, and self-annihilation."
                -- Johnny Hart

testing, only testing, and damn good at it too!