Date: Wed, 31 Mar 2004 14:31:14 +0200 From: Rudolf Cejka <cejkar@fit.vutbr.cz> To: freebsd-hubs@freebsd.org, eik@freebsd.org Subject: Re: Problems with looping fetch auditfile.tbz from ftp sites Message-ID: <20040331123114.GA74562@fit.vutbr.cz> In-Reply-To: <20040331121736.GA68135@fit.vutbr.cz> References: <20040331121736.GA68135@fit.vutbr.cz>
next in thread | previous in thread | raw e-mail | index | archive | help
Rudolf Cejka wrote (2004/03/31): > I have problems with slowly coming ftp-DoS on ftp.cz.FreeBSD.org. What > about the other mirror sites? It started two weeks ago (and it is visible > since one week ago). When anybody installs security/portaudit, it wants > to automatically fetch -1am portaudit.tbz every day (?). If somebody is > protected by firewall, ftp server could not establish data connection and > returns error in an control connection. Unfortunately it seems to me, > that flags -1am for fetch mean to retry data download all the time > (-a = Automatically retry the transfer upon soft failures). Am I right? > Is it possible to do something with it? Thanks. Oops - I forgot to say the point: I have slowly growing number of active ftp connectoins permanently trying to retrieve portaudit.tbz from the server. Setting the idle timeout does not help, because the ftp control connection is alive all the time, because it tries to RETR portaudit.tbz with small delays equal to the data connection timeout from the server to the ftp client. -- Rudolf Cejka <cejkar at fit.vutbr.cz> http://www.fit.vutbr.cz/~cejkar Brno University of Technology, Faculty of Information Technology Bozetechova 2, 612 66 Brno, Czech Republic
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040331123114.GA74562>