mailing list archives
Re: FTP denial of service attack
From: deraison () CVS NESSUS ORG (Renaud Deraison)
Date: Tue, 7 Dec 1999 18:46:05 +0100
On Tue, 7 Dec 1999, Darren Reed wrote:
Who has more free file descriptors & network ports, you or the ftp server ?
The attack you are describing is not new - this is just a PASV attack,
which has been around for years.
Hopefully, this problem is now solved.
Most modern FTP servers will :
- either issue an error when they are issued a second
- either accept the new PASV command, but they will close
the previously open socket, so the FTP server has only
two fd's open at a time.
If your FTP server server do not do this, use a real one.
The Nessus Project - http://www.nessus.org
From the SCO Security Page Alfred Huger (Dec 06)
w00giving #8] Solaris 2.7's snoop Aleph One (Dec 07)
FTP denial of service attack Darren Reed (Dec 07)
Re: FTP denial of service attack antirez () INVECE ORG (Dec 07)
Re: FTP denial of service attack Dustin Miller (Dec 07)
Re: FTP denial of service attack bert hubert (Dec 07)
- Re: FTP denial of service attack Renaud Deraison (Dec 07)