Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Jul 9 08:06:03 all inetd[122]: httpd/tcp server failing
From: Kent.Fitch () its csiro au (Kent Fitch)
Date: Mon, 10 Jul 1995 12:33:34 +1000

On Sun, 9 Jul 1995, Dr. Frederick B. Cohen wrote:

      I was trying a loop test to stress performance on our secure W3
server and found that inetd under SunOS detects what it thinks to be
loops and shuts down all httpd services untill a kill -HUP is sent to
the inetd process.  How is this bug/feature controlled, and doesn't this
lead very directly to denial of services attacks?

Dunno about SUNOS, but in Linux at least inetd by default produces this
message and shuts down the service if it exceeds 40 transactions per minute.
This number can be changed on each service in the inetd.conf file by
appending the "nowait" or "wait" parameter with a dot and a max number -
eg,   "nowait.100" will allow up to 100 connections per minute before
inetd thinks something is looping

Kent Fitch                           Ph: +61 6 276 6711
ITSB   CSIRO  Canberra  Australia    kent.fitch () its csiro au
"Only a person of great faith can afford to be a skeptic"  FW Nietzsche

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]