From owner-freebsd-questions Thu Jul 26 2:24:32 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mail.freebsd-corp-net-guide.com (mail.freebsd-corp-net-guide.com [206.29.169.15]) by hub.freebsd.org (Postfix) with ESMTP id 68E1B37B401 for ; Thu, 26 Jul 2001 02:24:27 -0700 (PDT) (envelope-from tedm@toybox.placo.com) Received: from tedm.placo.com (nat-rtr.freebsd-corp-net-guide.com [206.29.168.154]) by mail.freebsd-corp-net-guide.com (8.11.1/8.11.1) with SMTP id f6Q9O6848357; Thu, 26 Jul 2001 02:24:07 -0700 (PDT) (envelope-from tedm@toybox.placo.com) From: "Ted Mittelstaedt" To: "Kris Kennaway" , "Shawn Ramsey" Cc: Subject: RE: telnetd problem? Date: Thu, 26 Jul 2001 02:24:06 -0700 Message-ID: <00b401c115b4$b78dbaa0$1401a8c0@tedm.placo.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3155.0 In-Reply-To: <20010726004017.A42068@xor.obsecurity.org> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG That's a bandaid. He stated that the problem wasn't happening until he updated to the new code, so obviously a patch they put into the telnetd broke something. In any case this posting is completely inappropriate on this list - he should be subscribed to -stable if he's running stable and he should be submitting these kinds of things there. Please don't clutter the general -questions list with problems with beta versions of FreeBSD!! Ted Mittelstaedt tedm@toybox.placo.com Author of: The FreeBSD Corporate Networker's Guide Book website: http://www.freebsd-corp-net-guide.com >-----Original Message----- >From: owner-freebsd-questions@FreeBSD.ORG >[mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Kris Kennaway >Sent: Thursday, July 26, 2001 12:40 AM >To: Shawn Ramsey >Cc: questions@FreeBSD.ORG >Subject: Re: telnetd problem? > > >On Thu, Jul 26, 2001 at 12:14:43AM -0700, Shawn Ramsey wrote: >> We seem to be getting some port 23 IRC probes or something. This is causing >> a bunch of telnetd daemons to start, and they never die. So the number of >> telnetd daemons grow until running on of ptys. Short of blocking telnetd >> access, is there anything than can be done about this? There are dozens of >> telnetd daemons open, and no active port 23 traffic. Why won't they die? > >There's an exploit which involves sending 16MB of data to the telnetd >server. People are probably doing that and it's (predictably) taking >a long time to complete. Restrict connections to telnetd or use >inetd's rate/child-limiting facilities. > >Kris > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message