Sorry for old news - but there is still no patch against this DoS
on an official ssh site.

> From: Jose Nazario <[EMAIL PROTECTED]>
>
> yeah, i noted this to the ssh development team in march, 1999. this was
> under version 1.2.26, and then 1.2.27 came out and there was no fix for
> it. i didn't BUGTRAQ it as i find such info without a real fix to be
> irresponsible. my coding sucks and i haven't been able to get my
> MaxClients parameter to work in sshd. this would then be analogous to that
> found in the apache web server. my incomplete code diffs are available to
> anyone who wants to make it work, i get errors when it forks the child
> process to handle the socket.

Unofficial quick patch is on http://sonet.crimea.ua/sshd_patch/
Limits max connections from the same IP and max number of children
(I didn't play with accept()/SYN/spoofing things - so last
parameter may be more relevant).
Parameters are hardcoded ("keep it simple, stupid" in mind).

--
Stas Kisel. UNIX, security, C, TCP/IP, Web. UNIX - the best adventure game
http://www.tekmetrics.com/transcript.shtml?pid=20053 http://www.crimea.edu
+380(652)510222,230238 ; [EMAIL PROTECTED] [EMAIL PROTECTED] ; 2:460/54.4
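
The two limits described in the message above (connections per source IP and total children) come down to a small table kept by the listening parent process. The sketch below is an added example, not the code from the patch at the URL above; the function names, the limit values and the sample address are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <sys/types.h>

/* Assumed limits: the patch hardcodes its own values, which the post does not give. */
#define MAX_CHILDREN 8
#define MAX_PER_IP   2

struct slot { int used; uint32_t ip; pid_t pid; };
static struct slot slots[MAX_CHILDREN];

/* Call after accept(), before fork(). Returns a slot index, or -1 when the
 * caller should close the socket because either limit is already reached. */
int conn_admit(uint32_t ip)
{
    int free_slot = -1, same_ip = 0;
    for (int i = 0; i < MAX_CHILDREN; i++) {
        if (!slots[i].used) {
            if (free_slot < 0) free_slot = i;
        } else if (slots[i].ip == ip) {
            same_ip++;
        }
    }
    if (free_slot < 0 || same_ip >= MAX_PER_IP)
        return -1;
    slots[free_slot] = (struct slot){ 1, ip, 0 };  /* pid filled in by conn_bind() */
    return free_slot;
}

/* Record the child's pid once fork() has returned in the parent. */
void conn_bind(int slot, pid_t pid) { slots[slot].pid = pid; }

/* Free the slot of a child collected with waitpid(); returns 1 if it was tracked. */
int conn_reap(pid_t pid)
{
    if (pid <= 0) return 0;  /* never match a reserved slot that has no pid yet */
    for (int i = 0; i < MAX_CHILDREN; i++)
        if (slots[i].used && slots[i].pid == pid) { slots[i].used = 0; return 1; }
    return 0;
}

int main(void)
{
    uint32_t ip = 0xC0000201u;  /* constructed sample address 192.0.2.1 */
    for (int n = 1; n <= 3; n++) {
        int s = conn_admit(ip);
        if (s >= 0) conn_bind(s, (pid_t)(1000 + n));  /* stand-in for fork() */
        printf("connection %d from 192.0.2.1: %s\n", n, s >= 0 ? "admitted" : "refused");
    }
    return 0;
}
```

The per-IP check keeps one host from filling the table, while the table size itself is the cap on children that still holds when connections arrive from many addresses.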
