Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1998: Re: ANNOUNCE: secure identd v0.3

Re: ANNOUNCE: secure identd v0.3

Taral (taralMAIL.UTEXAS.EDU)
Wed, 16 Sep 1998 18:22:37 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Kragen: "Re: ANNOUNCE: secure identd v0.3"
Previous message: Wietse Venema: "Re: ANNOUNCE: secure identd v0.3"
In reply to: Wietse Venema: "Re: ANNOUNCE: secure identd v0.3"
Next in thread: Wietse Venema: "Re: ANNOUNCE: secure identd v0.3"

Actually, a secure box should run with RLIMIT_AS (Linux-ism?) set on all
daemons... I started using it on apache httpd to prevent the header-spam
DoS, but it seems like a good idea on all processes that shouldn't consume
much memory.

Taral

> -----Original Message-----
> Suggested fix: read a fixed-size read buffer from the network.  No
> reasonable ident query needs to be longer than a couple bytes for
> the two port numbers. When used in the right place, fixed-size
> buffers are beneficial to security.
>
>         Wietse
>

Next message: Kragen: "Re: ANNOUNCE: secure identd v0.3"
Previous message: Wietse Venema: "Re: ANNOUNCE: secure identd v0.3"
In reply to: Wietse Venema: "Re: ANNOUNCE: secure identd v0.3"
Next in thread: Wietse Venema: "Re: ANNOUNCE: secure identd v0.3"