Re: [cobalt-security] FTPD DoS (x-posted to cobalt-users)
- Subject: Re: [cobalt-security] FTPD DoS (x-posted to cobalt-users)
- From: "Jonathan Michaelson" <michaelsonjd@xxxxxxxxxxx>
- Date: Sat, 17 Mar 2001 10:38:14 -0000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> Within the last few hours it's become clear there's a simple DoS in
> Cobalt's FTPd which causes the RaQ (2/3/4i) to shoot to 100% cpu load.
> Repeat the steps a few times (takes minutes to do) and the RaQ completely
> stops responding (well, it becomes so lagged it's completely unusable at
> any rate), and you have to hit the reset switch.
There is now a published workaround which I've tested on both RaQ3's and
RaQ4's:
http://bugs.proftpd.org/show_bug.cgi?id=1066
Basically, you need to add the following filter to your /etc/proftpd.conf
file with the <Global></Global> directive:
DenyFilter \*.*/
Don't forget to restart inetd too:
/etc/rc.d/init.d/inet restart
Regards,
Jonathan Michaelson
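
Added example, not part of the original message or of the ProFTPD project: a small check that the DenyFilter from the workaround sits inside a <Global> block of a proftpd.conf, and a look at which command arguments the pattern rejects. The function names and the sample configs and arguments are constructed for illustration, and Python's re module stands in for the server's regex engine.

```python
import re

WORKAROUND = r"\*.*/"   # pattern quoted in the message above

def global_deny_filters(conf_text):
    """Return the DenyFilter patterns found inside <Global> ... </Global>."""
    found, in_global = [], False
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # skip blanks and comment lines
        low = line.lower()
        if low == "<global>":
            in_global = True
        elif low == "</global>":
            in_global = False
        elif in_global:
            parts = line.split(None, 1)
            if len(parts) == 2 and parts[0].lower() == "denyfilter":
                found.append(parts[1].strip())
    return found

def is_denied(pattern, argument):
    """True if the filter pattern matches anywhere in a command argument."""
    return re.search(pattern, argument) is not None

# Constructed config: filter placed inside <Global>, as the message describes.
GOOD_CONF = r"""
ServerName "constructed example"
<Global>
  DenyFilter \*.*/
</Global>
"""

# Constructed config: same directive, but outside any <Global> block.
MISPLACED_CONF = r"""
ServerName "constructed example"
DenyFilter \*.*/
"""

# Constructed arguments: the pattern needs a '*' followed later by a '/'.
SAMPLES = ["readme.txt", "*.txt", "pub/*.tar.gz", "*/incoming/", "pub/*/docs/"]

if __name__ == "__main__":
    print("in <Global>:", global_deny_filters(GOOD_CONF))
    print("misplaced  :", global_deny_filters(MISPLACED_CONF))
    for arg in SAMPLES:
        print(f"{arg!r:18} denied={is_denied(WORKAROUND, arg)}")
```

Ordinary wildcard arguments such as *.txt still pass; only arguments with a slash somewhere after an asterisk are refused.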