|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: FTP denial of service attack
Subject: Re: FTP denial of service attack
From: Renaud Deraison (deraison
CVS.NESSUS.ORG)
Date: Tue Dec 07 1999 - 11:46:05 CST
- Next message: Henrik Nordstrom: "Re: FTP denial of service attack"
- Previous message: Mnemonix: "Re: Local user can fool another to run executable. .CNT/.GID/.HLP M$WINNT"
- In reply to: Darren Reed: "FTP denial of service attack"
- Next in thread: Darren Reed: "FTP DoS - PORT and PASV effected."
- Next in thread: Henrik Nordstrom: "Re: FTP denial of service attack"
- Reply: Renaud Deraison: "Re: FTP denial of service attack"
- Reply: Darren Reed: "FTP DoS - PORT and PASV effected."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 7 Dec 1999, Darren Reed wrote:
> Who has more free file descriptors & network ports, you or the ftp server ?
The attack you are describing is not new - this is just a PASV attack,
which has been around for years.
Hopefully, this problem is now solved.
Most modern FTP servers will :
- either issue an error when they are issued a second
PASV command
- either accept the new PASV command, but they will close
the previously open socket, so the FTP server has only
two fd's open at a time.
If your FTP server server do not do this, use a real one.
-- Renaud
-- Renaud Deraison The Nessus Project - http://www.nessus.org
- Next message: Henrik Nordstrom: "Re: FTP denial of service attack"
- Previous message: Mnemonix: "Re: Local user can fool another to run executable. .CNT/.GID/.HLP M$WINNT"
- In reply to: Darren Reed: "FTP denial of service attack"
- Next in thread: Darren Reed: "FTP DoS - PORT and PASV effected."
- Next in thread: Henrik Nordstrom: "Re: FTP denial of service attack"
- Reply: Renaud Deraison: "Re: FTP denial of service attack"
- Reply: Darren Reed: "FTP DoS - PORT and PASV effected."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Wed Dec 08 1999 - 21:09:53 CST