Bugtraq: Re[2]: 11 years of inetd default insecurity?

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re[2]: 11 years of inetd default insecurity?

From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Mon, 8 Sep 2003 14:07:00 +0400

Dear Paul Szabo,



--Monday, September 8, 2003, 4:26:24 AM, you wrote to 3APA3A () SECURITY NNOV RU:

-R 0 -s your_ad_can_be_here


PS> Your  cure  is  worse  than  the disease: rate limiting allows a DoS
PS> against  the  service,  no  limit  allows  a  DoS  against the whole
PS> machine.

-s limits number of processes invoked from same IP. You can additionally
use  -c  to  prevent distributed attack. It doesn't allow to DoS box and
doesn't disable service for 10 minutes.

-- 
~/ZARAZA
Ну а теперь, Уильям, хорошенько поразмыслите над данным письмом. (Твен)

By Date By Thread

Current thread:

Re: 11 years of inetd default insecurity?, (continued)
- Re: 11 years of inetd default insecurity? Dan Harkless (Sep 09)
- Re: 11 years of inetd default insecurity? Darren Pilgrim (Sep 09)
- Re: 11 years of inetd default insecurity? Paul Szabo (Sep 08)
  - Re[2]: 11 years of inetd default insecurity? 3APA3A (Sep 08)
  - Re: 11 years of inetd default insecurity? Lucas Holt (Sep 08)
- Re: Re[2]: 11 years of inetd default insecurity? Paul Szabo (Sep 08)
  - Re[4]: 11 years of inetd default insecurity? 3APA3A (Sep 08)
- RE: 11 years of inetd default insecurity? bjornar.bjorgum.larsen (Sep 09)