[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] FTPD DoS (x-posted to cobalt-users)
- Subject: Re: [cobalt-security] FTPD DoS (x-posted to cobalt-users)
- From: "Jonathan Michaelson" <michaelsonjd@xxxxxxxxxxx>
- Date: Sat, 17 Mar 2001 13:05:23 -0000
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
> Chris,
>
> > Can I ask why you need to restart inetd .. IMHO your talking poop.
> >
> > Your not changing /etc/inetd.conf so in reality you do not need to
restart
> > inetd in this case. The next time someone uses the ftp server it will
pick
> > up the new config file since its does not run in the background and even
> it
> > it did, you would need to restart the ftp server and not inetd.
>
> Being offensive doesn't really promote good discussion on a mailing list,
> does it?
>
> So, your immature attitude aside...
>
> ProFTP on the RaQ servers runs through inet and so restarting inetd is the
> method for restarting the ftp server.
>
> If you only want to prevent new users from using the DoS, then sure, don't
> restart inet. If, however, you are a responsible sysadmin, you might want
to
> stop any current users using an anti-idle from activiating the DoS on your
> server too, then killing off any current FTP sessions and restarting inet
> will ensure that.
>
> Your servers may not be important to you, but for many they are.
Actually, on reflection, you may even be right (as amazing as THAT seems),
in that you may not _have_ to restart inetd. But you will certainly want to
stop any current sessions and restarting a daemon after a configuration
change is always good practice so that you can catch any mistakes that YOU
make in the configuration file.
You do check your log files after every config file change don't you? And
test it? Or do you just wing it?
Whatever.
One asshole aside, hopefully helping others with the security of their
servers is worthwhile.
Jonathan Michaelson