Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: FTP denial of service attack
From: antirez () INVECE ORG (antirez () INVECE ORG)
Date: Tue, 7 Dec 1999 19:17:37 +0100


On Tue, Dec 07, 1999 at 11:29:56PM +1100, Darren Reed wrote:
Who has more free file descriptors & network ports, you or the ftp server ?

Using raw sockets it's possible to simulate a lot of descriptors/open ports.
You just needs to drop outgoing RST in order to implement your
ftpd-dos-oriented TCP/IP micro-stack with a minimal memory requirement.
In a word: the attacker has more free file descriptors & network ports every
times the exploit just do a simple operation such USER/PASS authentication.
This isn't true only for this attack but for many others and results in the
ability to perform this kind of DoS against a very big server using little
resources.

antirez


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]