On Fri, 19 Oct 2001, George Metz wrote: > The DoS attack has something to do with creating massive numbers of > symlinks and then dereferencing them; I haven't tried the attack script on > my LRP box yet, but I'm going to as soon as I finish upgrading my server > to 2.4.12-ac3. Apparently, the DoS attack is still present in at least one > customized 2.4.12 kernel, so be careful of that as well. A patch was > presented for 2.2.19 for both vulnerabilities; if I find LRP 2.9.8 > vulnerable, I'll be compiling the patch in and will make it available.
***UPDATE*** The sequence for the DoS attack is to take a file, mklink.sh, and execute it, thereby making a number of very "deep" symlinks, then doing a "head l0" - l0 being one of the symlinks created. I just decided to test this on my LRP box, and it rebooted itself after about 45 seconds to a minute. Surprised me when it did, too. While the "head" process was running, I saw a tiny bit of latency in loading a webpage, but there was no noticeable change in the pingtimes I was receiving. Working on this; will let everyone know later what the word is. -- George Metz Commercial Routing Engineer [EMAIL PROTECTED] "We know what deterrence was with 'mutually assured destruction' during the Cold War. But what is deterrence in information warfare?" -- Brigadier General Douglas Richardson, USAF, Commander - Space Warfare Center _______________________________________________ Leaf-devel mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-devel
