Ben Kamen wrote: > Has anyone noticed this? I'm seeing a lot of open connections in > Sendmail like this:
> sendmail: server 71-10-225-162.dhcp.oxfr.ma.charter.com [71.10.225.162] > cmd read Yep. I've set this in sendmail.mc: define(`confTO_COMMAND',`40s') and haven't noticed any ill effects. It is a DoS waiting to happen, because the default Timeout.command is 1 hour! If you want to kill someone's machine, just open up lots of connections to port 25 and sit doing nothing. If you have control of many zombie machines, you can fill up the victim's process table in a trice while consuming almost no resources on your botnet. Regards, David. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
