--------------------------
 ssh 1.2.30 limits patch by [Ultor@hert.org] [HERT]
-------------------------

 1. DESCRIPTION
 2. INSTALLATION
 3. INSTALLATION FOR DUMMIES
 4. TEST
 5. CONCLUSION

------------
 1. DESCRIPTION
------------

 I had a problem with resource limits in ssh 1.2.30.  I was describing
 limits in the /etc/limits file ('man limits' for info) but sshd was never
 using it. Some people said to enable the "UseLogin" option in the sshd
 config but the effect was the same :(. I've tested some patches available
 on the net and the effect was the same too. The only way was to use PAM,
 but what to do if I don't want to use PAM? Simple - patch it!
 
 Why should I use limits?
 
 I think using limits is very important for security.  It protects the
 system from many DoS attacks. Check this out:
 
 darkstar:/$ ulimit -a
 core file size (blocks)  0
 data seg size (kbytes)   unlimited
 file size (blocks)       unlimited
 max memory size (kbytes) unlimited
 stack size (kbytes)      8192
 cpu time (seconds)       unlimited
 max user processes       256
 pipe size (512 bytes)    8
 open files               256
 virtual memory (kbytes)  2105343
 
 You can see many "unlimited" values here, for example 'max memory size'.
 If it's unlimited, one user can use 100% of server memory. Same with the
 others. It is very dangerous to leave these unlimited because a user can
 crash the whole server using a very simple proggie.

 --- deadly_fork.c ---

 int main() { for(;;) fork(); }

 --- deadly_fork.c ---
 
 This simple 1 line proggie can crash our server if there are no limits set.
 
------------
 2. INSTALLATION
------------

 It's very easy. Just copy all files to  ssh-1.2.30  and run ./PATCHLIMITS
 Remember to do it before you start to ./configure ssh. It's good to do
 'make clean' first.

------------
 3. INSTALLATION FOR DUMMIES
------------

 OK, so u're a newbie. This example should help you.

 ultor:/dummie# ls
 ssh-1.2.30.tgz         ssh-1.2.30-limits_patch.tgz
 ultor:/dummie# tar zxvf ssh-1.2.30.tar.gz
 ultor:/dummie# ls -al
 total 4832
 drwxr-xr-x   3 root     root         1024 Nov 15 22:33 ./
 drwxr-xr-x  22 root     root         1024 Nov 15 22:32 ../
 drwxr-xr-x   4 17275    20           3072 May 12  1999 ssh-1.2.30/
 -rw-r--r--   1 root     root         6593 Nov 15 22:32 ssh-1.2.30-limits_patch.tgz
 ultor:/dummie# tar zxvf ssh-1.2.30-limits_patch.tgz
 ultor:/dummie# ls
 ssh-1.2.30/            ssh-1.2.30-limits_patch/
 ultor:/dummie# cp ssh-1.2.30-limits_patch/* ssh-1.2.30
 ultor:/dummie# cd ssh-1.2.30
 ultor:/dummie/ssh-1.2.30# ./PATCHLIMITS
 -----------------------------------------
     sshd 1.2.30 limits patch by Ultor
     	    [Ultor@hert.org]
		 [HERT]
 -----------------------------------------
 -= Doing limits.o ....
 -= OK limits.o done
 -= Patching Makefile.in ...
 patching file Makefile.in
 -= Patching sshd.c ...
 patching file sshd.c
 -= OK DONE ?

 ultor:/dummie/ssh-1.2.30# ./configure

          .. and then 'make all' and 'make install' but u should know that.

 HOW TO USE LIMITS?

 All limits are described in the /etc/limits file ('man limits' for more
 info). Here u've got an example of resource limits described for user ultor.

 ultor:/etc# cat limits
 ultor C0D10240F5000S1500N25U15M5000R5000L2
 
 or another way
 
 ultor:/etc# cat limits
 * C0D10240F5000S1500N25U15M5000R5000L2
 admin -
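
 The value strings shown above, parsed and applied the way a login-time hook
 could do it, as an added example (this is not the patch's own limits.o or
 sshd.c code). The names limits_parse, limits_apply and LIM are hypothetical;
 key meanings follow limits(5) and match the ulimit output in the TEST
 section, and rejecting unknown keys is this example's own choice.

```c
#include <limits.h>
#include <stdlib.h>
#include <sys/resource.h>
/* Hypothetical table: only the keys used in this README, per limits(5). */
static const struct { char key; int res; rlim_t scale; } LIM[] = {
    {'C', RLIMIT_CORE,    1024},  /* core file size, KB  */
    {'D', RLIMIT_DATA,    1024},  /* data segment, KB    */
    {'F', RLIMIT_FSIZE,   1024},  /* file size, KB       */
    {'S', RLIMIT_STACK,   1024},  /* stack size, KB      */
    {'M', RLIMIT_MEMLOCK, 1024},  /* locked memory, KB   */
    {'R', RLIMIT_RSS,     1024},  /* resident set, KB    */
    {'N', RLIMIT_NOFILE,  1},     /* open files          */
    {'U', RLIMIT_NPROC,   1},     /* processes per user  */
};
#define NLIM (sizeof LIM / sizeof LIM[0])

/* Parse a value string such as "C0D10240...L2" into val[] (RLIM_INFINITY =
 * not set) and *logins (-1 = not set). Returns keys read, -1 if malformed. */
int limits_parse(const char *s, rlim_t val[NLIM], long *logins)
{
    int n = 0;
    for (size_t i = 0; i < NLIM; i++) val[i] = RLIM_INFINITY;
    *logins = -1;
    if (s[0] == '-' && s[1] == '\0') return 0;      /* "-": no limits */
    for (; *s; n++) {
        char key = *s++, *end;
        size_t i = 0;
        if (*s < '0' || *s > '9') return -1;        /* key needs a number */
        unsigned long v = strtoul(s, &end, 10);
        if (v > LONG_MAX) return -1;                /* overflow or absurd */
        s = end;
        if (key == 'L') { *logins = (long)v; continue; }  /* login count */
        while (i < NLIM && LIM[i].key != key) i++;
        if (i == NLIM || v >= RLIM_INFINITY / LIM[i].scale) return -1;
        val[i] = (rlim_t)v * LIM[i].scale;
    }
    return n;
}

/* Set soft and hard limits together so the session cannot raise them. */
int limits_apply(const rlim_t val[NLIM])
{
    for (size_t i = 0; i < NLIM; i++) {
        struct rlimit rl = { val[i], val[i] };
        if (val[i] != RLIM_INFINITY && setrlimit(LIM[i].res, &rl) != 0)
            return -1;
    }
    return 0;
}
```

 limits_apply has to run in the child process before it drops root and
 execs the user's shell; the 'L' value is a login count, not an rlimit, so
 the caller must enforce it separately.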
  
------------
 4. TEST
------------

 OS: Linux Slackware 3.9 (kernel 2.0.38).

 ultor:/# ls -al /etc/limits
 -rwxr-xr-x   1 root     root           43 Nov 15 21:28 /etc/limits
 ultor:/dummie/ssh-1.2.30# ssh -l ultor localhost
 ultor@127.0.0.1's password:
 Last login: Mon Nov 15 21:25:13 1999 from localhost
 Linux 2.0.38.
 You have mail.
 ultor:~$ ulimit -a
 core file size (blocks)  0
 data seg size (kbytes)   10240
 file size (blocks)       5000
 max memory size (kbytes) 5000
 stack size (kbytes)      1500
 cpu time (seconds)       unlimited
 max user processes       15
 pipe size (512 bytes)    8
 open files               25
 virtual memory (kbytes)  11740
 ultor:~$ ulimit -c 5
 ulimit: cannot raise limit: Operation not permitted

 OS: Linux Slackware 7.1 (kernel 2.2.16)

 after user ultor logged in
 
 ultor@gate:~$ cat /etc/limits 
 * C0D4096F10000S3000N25U15M15000R5000L3
 ultor@gate:~$ ulimit -a
 core file size (blocks)     0
 data seg size (kbytes)      4096
 file size (blocks)          10000
 max locked memory (kbytes)  15000
 max memory size (kbytes)    5000
 open files                  25
 pipe size (512 bytes)       8
 stack size (kbytes)         3000
 cpu time (seconds)          unlimited
 max user processes          15
 virtual memory (kbytes)     unlimited

... so it works here. 

------------
 5. CONCLUSION
------------

 GREETZ TO HERT #HAX #C #PLUG

 VISIT: www.hert.org

----------------------
 Marek Bialoglowy [Ultor@hert.org] ------ Network Security Consultant
 GROUP: HERT (www.hert.org) -- PGP: http://www.hert.org/pgp/Ultor.asc
----------------------
