Re: QMail DOS

I was just reading that IBM is porting Linux apps to AIX. Maybe DOS is next... - Original Message - From: "Russell Nelson" <[EMAIL PROTECTED]> To: "Qmail Mailing List" <[EMAIL PROTECTED]> Sent: Monday, January 22, 2001 10:20 PM Subject: Re: QMail DOS

Re: QMail DOS

Russell Nelson <[EMAIL PROTECTED]> wrote: > QMail doesn't run under DOS. If we get 20 people together... -- Dan Peterson <[EMAIL PROTECTED]> http://danp.net

Re: QMail DOS

QMail doesn't run under DOS. -- -russ nelson <[EMAIL PROTECTED]> http://russnelson.com Crynwr sells support for free software | PGPok | "This is Unix... 521 Pleasant Valley Rd. | +1 315 268 1925 voice | Stop acting so helpless." Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | --Daniel J. Ber

Re: QMail DOS

> Which can easily be dealt with by setting Q/control/timeoutsmtpd to > a lower value (default is 1200 seconds). > > \Maex I am afraid it's not that straightforward. For instance, for a guy who is on a slow dial up connection (say 28.8kbps or less), and who is attempting to send large mes

Re: QMail DOS

On Mon, Jan 22, 2001 at 07:25:20PM -, Andrew Richards wrote: > The standard DoS is to open lots of SMTP connections to an SMTP server, > which could be qmail, or any other MTA - and leave them open. Which can easily be dealt with by setting Q/control/timeoutsmtpd to a lower value (default is

Re: QMail DOS

On Mon, Jan 22, 2001 at 08:32:58PM +, Jose AP Celestino wrote: > You should take a look at the following thread: > > http://www.ornl.gov/its/archives/mailing-lists/qmail/2001/01/msg00832.html > > Regards. > > On Mon, Jan 22, 2001 at 09:40:13AM -0500, Andy Abshagen wrote: > > We are in the m

Re: QMail DOS

You should take a look at the following thread: http://www.ornl.gov/its/archives/mailing-lists/qmail/2001/01/msg00832.html Regards. On Mon, Jan 22, 2001 at 09:40:13AM -0500, Andy Abshagen wrote: > We are in the midst of a security audit performed by Ernst & Young. They are >claiming something

RE: QMail DOS

Tap, tap, tap. Hello? Is thing on? Andrew Richards <[EMAIL PROTECTED]> wrote: >The standard DoS is to open lots of SMTP connections to an SMTP server, >which could be qmail, or any other MTA - and leave them open. No, the "standard" qmail DOS is to make a single connect

Re: QMail DOS

On Mon, Jan 22, 2001 at 09:40:13AM -0500, Andy Abshagen wrote: > We are in the midst of a security audit performed by Ernst & Young. They are >claiming something about a DOS situation. What I need to find out is whether there >are any known DOS situations out there. If so what needs to be don

RE: QMail DOS

>We are in the midst of a security audit performed by Ernst & Young. >They are claiming something about a DOS situation. What I need to >find out is whether there are any known DOS situations out there. >If so what needs to be done to take care of the problem. Andy, The standard DoS is to open

Re: QMail DOS

"Andy Abshagen" <[EMAIL PROTECTED]> wrote: >Yes. And no. I just read the preliminary report from them. The report >actually states in it that it only affect qmail 1.02 and older. They >dropped it on the report because they could not get our mail server to >report a version number. Since we a

Re: QMail DOS

oblem" from the report. Thanks for the all the responses though. Andy - Original Message - From: "Greg Cope" <[EMAIL PROTECTED]> To: "Andy Abshagen" <[EMAIL PROTECTED]> Cc: "Qmail Mailing List" <[EMAIL PROTECTED]> Sent: Monday, January 2

Re: QMail DOS

Michael Maier <[EMAIL PROTECTED]> wrote: >Just use tcpserver or xinetd! No, that's not sufficient. -Dave

Re: QMail DOS

> We are in the midst of a security audit performed by Ernst & Young. > They are claiming something about a DOS situation. What I need to > find out is whether there are any known DOS situations out there. If > so what needs to be done to take care of the problem. ThanksAndy Just use tcpserver

Re: QMail DOS

"Andy Abshagen" <[EMAIL PROTECTED]> wrote: >We are in the midst of a security audit performed by Ernst & Young. >They are claiming something about a DOS situation. What I need to >find out is whether there are any known DOS situations out there. If >so what needs to be done to take care of the

Re: QMail DOS

> Andy Abshagen wrote: > > We are in the midst of a security audit performed by Ernst & Young. > They are claiming something about a DOS situation. What I need to > find out is whether there are any known DOS situations out there. If > so what needs to be done to take care of the problem. > >

QMail DOS

We are in the midst of a security audit performed by Ernst & Young.  They are claiming something about a DOS situation.  What I need to find out is whether there are any known DOS situations out there.  If so what needs to be done to take care of the problem.   Thanks   Andy

Re: IDS signatures and Qmail DoS attacks

Subba Rao writes: > I did not know that Qmail had some DoS attacks listed under it's > security belt. I saw some IDS signatures that indicated that > DoS attacks were being made against the Qmail server using long strings > of Qmail commands. Currently, Qmail does a good job at buffer overflow

IDS signatures and Qmail DoS attacks

I did not know that Qmail had some DoS attacks listed under it's security belt. I saw some IDS signatures that indicated that DoS attacks were being made against the Qmail server using long strings of Qmail commands. Currently, Qmail does a good job at buffer overflow type attacks. Are there any p