[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[VulnDiscuss] Re: [VulnWatch] proftpd <=1.2.7rc3 DoS
Le mar 10/12/2002 à 20:44, Kurt Seifried a écrit :
> This is so old I can't even find any postings/articles I remember making on
> it. Here is one link from early last year:
> http://lwn.net/2001/0322/a/proftpd-dos.php3
>
> Check the documentation:
> DenyFilter \*.*/
> Problem solved.
> People should search Google before posting, it's far less embaressing.
100% agree.
Moreover, it is quite difficult to realize a true denial of service that
way, for anonymous service runs under restricted identity and thus
cannot DoS superuser processes.
For what I could teste for now :
. main ProFTPd process does not die, service remains accessible
. I do not experience slow down on connect
. other anonymous sessions are affected, but remain usable
. other sessions are almost not affected
OK, my system limits are configured to restrict system load, especially
for guest identity, but I was to think that every one allowing an
anonymous access would do so...
--
Cédric Blancher <blancher@xxxxxxxxxxxxxxxxxx>
IT systems and networks security expert - Cartel Sécurité
Phone : +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99
PGP KeyID:157E98EE FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE