FTP DoS - PORT and PASV affected.
From: avalon () COOMBS ANU EDU AU (Darren Reed)
Date: Wed, 8 Dec 1999 08:19:41 +1100
In some mail from Renaud Deraison, sie said:
On Tue, 7 Dec 1999, Darren Reed wrote:
Who has more free file descriptors & network ports, you or the ftp server ?
The attack you are describing is not new - this is just a PASV attack,
which has been around for years.
Hopefully, this problem is now solved.
btw, a similar sort of attack can be mounted using the PORT command.
You just need to set up a local listener, etc, or get the ftp server
to try to connect to lots of network 10 sites in < 75 seconds before
TCP connects start timing out. I'll leave that as an exercise for
the reader - a correct fix for the PASV problem should fix this one
as well (and the exploit is almost the same too).
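
A server-side policy that bounds both the PASV and the PORT variant, as an added example that is not part of the original post or taken from any FTP server. The policy itself (one pending data endpoint per session, PORT targets limited to the control-connection peer and to ports 1024 and above) is an assumption, since the post does not say what the fix is; `DataChannelPolicy`, `listener_id` and the reply codes chosen are illustrative.

```python
import ipaddress


def parse_port_arg(arg):
    """Parse an RFC 959 PORT argument 'h1,h2,h3,h4,p1,p2' into (ip, port)."""
    parts = arg.strip().split(",")
    if len(parts) != 6 or not all(
        p.isascii() and p.isdigit() and int(p) <= 255 for p in parts
    ):
        raise ValueError("malformed PORT argument")
    nums = [int(p) for p in parts]
    ip = ipaddress.IPv4Address(".".join(map(str, nums[:4])))
    return ip, nums[4] * 256 + nums[5]


class DataChannelPolicy:
    """Hypothetical per-session policy: one pending data endpoint at a time."""

    def __init__(self, peer_ip):
        self.peer_ip = ipaddress.IPv4Address(peer_ip)
        self.pending = None   # ('PASV', listener_id) or ('PORT', (ip, port))
        self.released = 0     # endpoints freed because the client re-issued

    def _replace(self, entry):
        if self.pending is not None:
            self.released += 1   # a real server closes the old socket here
        self.pending = entry

    def on_pasv(self, listener_id):
        # A repeated PASV reuses the single slot instead of piling up
        # listening sockets and file descriptors.
        self._replace(("PASV", listener_id))
        return "227"

    def on_port(self, arg):
        try:
            ip, port = parse_port_arg(arg)
        except ValueError:
            return "501"
        # Connect back only to the control-connection peer, so the server
        # never sits in connect() towards third-party or unroutable hosts.
        if ip != self.peer_ip or port < 1024:
            return "500"
        self._replace(("PORT", (ip, port)))
        return "200"
```
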