[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Re: [cobalt-security] FTPD DoS (x-posted to cobalt-users)

Subject: [cobalt-users] Re: [cobalt-security] FTPD DoS (x-posted to cobalt-users)
From: "Jonathan Michaelson" <michaelsonjd@xxxxxxxxxxx>
Date: Sat Mar 17 03:27:17 2001
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> Within the last few hours it's become clear theres a simple DoS in
> Cobalt's FTPd which causes the RaQ (2/3/4i) to shoot to 100% cpu load.
> Repeat the steps a few times (takes minutes to do) and the RaQ completely
> stops responding (well, it becomes so lagged its completely unusable at
> any rate), and you have to hit the reset switch.

There is now a published workaround which I've tested on both RaQ3'sand
RaQ4's:
http://bugs.proftpd.org/show_bug.cgi?id=1066

Basically, you need to add the follwing filter to your /etc/proftpd.conf
file with the <Global></Global> directive:

    DenyFilter   \*.*/

Don't forget to restart inetd too:
/etc/rc.d/init.d/inet restart


Regards,
Jonathan Michaelson

Follow-Ups:
- [cobalt-users] Re: [cobalt-security] FTPD DoS (x-posted to cobalt-users)
  - From: baltimoremd

Prev by Date: Re: [cobalt-users] recommendation needed
Next by Date: Re: [cobalt-users] Weekly Cron Error zcat
Previous by thread: Re: [cobalt-users] Check this one out
Next by thread: [cobalt-users] Re: [cobalt-security] FTPD DoS (x-posted to cobalt-users)

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index