
Re: Security(DoS) Problems with Inetd

To: Dennis Davis <D.H.Davis@bath.ac.uk>
Subject: Re: Security(DoS) Problems with Inetd
From: Marco S Hyman <marc@snafu.org>
Date: Wed, 28 Feb 2001 10:44:52 -0800
Cc: OpenBSD Misc <misc@openbsd.org>
In-reply-to: Your message of "Wed, 28 Feb 2001 10:10:15 GMT." <200102281010.aa06091@hinault.bath.ac.uk>
Sender: owner-misc@openbsd.org
Dennis Davis writes:
 > >Many of you already know this from a posting(s) on either Bugtraq or on
 > >NetBSD-users@. Attached with this mail is an exploit (DoS), that kills
 > >inetd processes. I have been able to reproduce this on:

Are you sure it kills inetd?  Inetd purposely closes down a service after n
connects per minute, where n defaults to 256.  Use the -R option
to inetd to change n on a global basis.

Also, if you look at the man page you'll see that the syntax for inetd.conf
is "wait/nowait[.max]".  The man page says:

     inetd to check for new service requests to spawn new servers.  The op-
     tional ``max'' suffix (separated from ``wait'' or ``nowait'' by a dot)
     specifies the maximum number of server instances that may be spawned from
     inetd within an interval of 60 seconds.  When omitted, ``max'' defaults
     to 256.

Technically that is incorrect.   It should read something like

    "When omitted, ``max'' defaults to the value set with the -R option."

inetd does this by design.  Is it a DoS when a program works as designed,
is configurable to work differently, but wasn't configured?

// marc
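As an added illustration of the rate limit discussed in this message (this is not code from the post, nor from inetd itself): a small Python model that parses the "wait/nowait[.max]" field of inetd.conf lines, falls back to the -R value when the ".max" suffix is absent, and counts spawns per service in a 60-second window. The sample inetd.conf below is constructed for the example; real inetd's bookkeeping differs in detail (and it re-enables a terminated service after a retry period), so the limiter is a simplified model of the behaviour the man page describes, not inetd's code.

```python
import re
from collections import deque

DEFAULT_MAX = 256        # inetd's built-in default when -R is not given
INTERVAL_SECONDS = 60    # the man page's "interval of 60 seconds"

# Constructed sample; field order is service, socktype, proto, wait/nowait[.max], user, server, args.
SAMPLE_CONF = """\
# constructed sample, not a real inetd.conf
daytime  stream  tcp  nowait       root  internal
finger   stream  tcp  nowait.10    root  /usr/libexec/fingerd  fingerd
comsat   dgram   udp  wait         root  /usr/libexec/comsat   comsat
"""


def parse_wait_field(field, global_max=DEFAULT_MAX):
    """Parse the wait/nowait[.max] field.

    Returns (wait, max_spawns). A missing ``.max`` suffix falls back to the
    -R value (global_max), which is what the post says the man page should state.
    """
    m = re.fullmatch(r"(wait|nowait)(?:\.(\d+))?", field)
    if not m:
        raise ValueError(f"bad wait field: {field!r}")
    wait = m.group(1) == "wait"
    max_spawns = int(m.group(2)) if m.group(2) else global_max
    return wait, max_spawns


def parse_inetd_conf(text, global_max=DEFAULT_MAX):
    """Map service name -> {'wait': bool, 'max': int}; comments and blank lines are skipped."""
    services = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        fields = line.split()
        if len(fields) < 6:
            raise ValueError(f"too few fields: {line!r}")
        name, waitfield = fields[0], fields[3]
        wait, max_spawns = parse_wait_field(waitfield, global_max)
        services[name] = {"wait": wait, "max": max_spawns}
    return services


class SpawnLimiter:
    """Simplified model (not inetd's algorithm): a service is switched off once
    `max` server instances have already been spawned within the last 60 seconds."""

    def __init__(self, services):
        self.services = services
        self.history = {name: deque() for name in services}
        self.disabled = set()

    def connection(self, name, now):
        """Record a connection at time `now` (seconds).

        Returns True when a server would be spawned, False when the service
        has been (or is now being) shut down for exceeding its limit.
        """
        if name in self.disabled:
            return False
        q = self.history[name]
        while q and now - q[0] >= INTERVAL_SECONDS:   # drop spawns older than the window
            q.popleft()
        if len(q) >= self.services[name]["max"]:
            self.disabled.add(name)                     # "server failing (looping)" case
            return False
        q.append(now)
        return True


def simulate(conf_text, global_max, service, n_connections):
    """Deliver one connection per second to `service`; return (spawned, disabled)."""
    limiter = SpawnLimiter(parse_inetd_conf(conf_text, global_max))
    spawned = sum(limiter.connection(service, t) for t in range(n_connections))
    return spawned, service in limiter.disabled


if __name__ == "__main__":
    # finger carries an explicit nowait.10, so it is cut off after 10 spawns;
    # daytime inherits the default of 256 and survives one connection per second.
    print("finger  (nowait.10):", simulate(SAMPLE_CONF, DEFAULT_MAX, "finger", 300))
    print("daytime (default):  ", simulate(SAMPLE_CONF, DEFAULT_MAX, "daytime", 300))
    print("daytime (-R 5):     ", simulate(SAMPLE_CONF, 5, "daytime", 300))
```

The point the model makes visible is the one in the message: the same connection pattern that shuts down a service configured with a small per-service ".max" (or a small -R value) is absorbed without incident by a service left at the default of 256 per minute, so what looks like "killing inetd" is the configured limit doing its job.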
