Date: Tue, 5 Dec 2000 07:35:26 -0800 From: Alfred Perlstein <bright@wintelcom.net> To: Siegbert Baude <siegbert.baude@gmx.de> Cc: Jeremiah Gowdy <jgowdy@home.com>, freebsd-questions@FreeBSD.ORG Subject: Re: A SECOND RAZOR/BINDVIEW ADVISORY !!! FreeBSD Admins ARE vulnerable !!! Message-ID: <20001205073525.X8051@fw.wintelcom.net> In-Reply-To: <3A2D08DF.E07321B3@gmx.de>; from siegbert.baude@gmx.de on Tue, Dec 05, 2000 at 04:25:19PM %2B0100 References: <005d01c05e69$794d73f0$aa240018@cx443070b> <3A2D08DF.E07321B3@gmx.de>
next in thread | previous in thread | raw e-mail | index | archive | help
* Siegbert Baude <siegbert.baude@gmx.de> [001205 07:25] wrote: > Hi Jeremiah, > > nice piece of parody. :-) > Are you referring to: > http://razor.bindview.com/publish/advisories/adv_NAPTHA.html ? > > What about the paragraph: > - FreeBSD 4.0-REL became unusable after 495 connections to the ssh > port. Each connection started an instance of the daemon which quickly > exhausted available file handles; the system reports "too many open > files in system". After approximately 30 minutes the connections start > timing out and the system becomes usable again. The problem with sshd was fixed several months ago, before FreeBSD 4.1 came out. FreeBSD's sshd is modified to throttle and quickly drop unauthorized connections so this probably doesn't apply. Even if it did cause some sort of resource problem it would be trivial to track the idiot down and break his arms and legs like my advisory suggests. -- -Alfred Perlstein - [bright@wintelcom.net|alfred@freebsd.org] "I have the heart of a child; I keep it in a jar on my desk." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20001205073525.X8051>