Vulnerability Development mailing list archives

Re: FreeBSD listen()

From: davids () WEBMASTER COM (David Schwartz)
Date: Thu, 28 Oct 1999 13:13:04 -0700


        It makes no sense at all to use the listen backlog as any sort of security
mechanism. If you only wish to accept one connection, only call 'accept'
once.

http://www.nai.com/nai_labs/asp_set/advisory/ftp-paper.asp


        This is about authentication. It has nothing to do with the number of
connections.

and realized in exploit posted to Vuln-dev, see

http://www.securityfocus.com/templates/archive.pike?list=82&date=1

999-10-15&msg=9628.991015 () SECURITY NNOV RU

        This is about active versus passive FTP. It has nothing to do with listen
backlogs or connection counts.

        DS

Current thread:

Re: ICQ 2000, (continued)
- - - Re: ICQ 2000 Sean Burford (Oct 25)
    - Re: ICQ 2000 Brad Griffin (Oct 26)
  - icq2000 Brad Griffin (Oct 26)
  - Re: ICQ 2000 Damm, Mike (Oct 26)
    - Re: ICQ 2000 Brad Griffin (Oct 26)
    - FreeBSD listen() 3APA3A (Oct 27)
    - Re: FreeBSD listen() CyberPsychotic (Oct 27)
    - Re: FreeBSD listen() 3APA3A (Oct 29)
    - Re: FreeBSD listen() Matthew S. Hallacy (Oct 30)
    - Fw: Trojan/Worm on one of your pages and spams ICQ users. BrainMaster (Oct 28)
    - Re: FreeBSD listen() David Schwartz (Oct 28)
    - Re: FreeBSD listen() 3APA3A (Oct 29)
    - Re: FreeBSD listen() David Schwartz (Oct 30)
    - Re: FreeBSD listen() 3APA3A (Oct 31)
    - Re: FreeBSD listen() Sebastian (Oct 28)
    - Re: FreeBSD listen() 3APA3A (Oct 29)
    - Re: FreeBSD listen() Warren Young (Oct 28)
    - Re: ICQ 2000 Bernie Cosell (Oct 27)
    - Re: ICQ 2000 Ripple (Oct 26)
    - Re: ICQ 2000 Sean Burford (Oct 26)
    - stealth executables Brad Griffin (Oct 26)

(Thread continues...)