Re: Sendmail DOS
On Thu, 22 Feb 2001 12:59:06 Jean-Francois JOLY wrote:
| Hello Everybody,
|
| I've ran Nessus against some servers and it reports me that
| sendmail
| is vulnerable to a Syn Flood. I've grabbed utilities to test the
| vulnerabilitie and haven't succeed to reproduce the problem.
| I've found no information about this vulnerabilitie.
| Do you know if this is a true problem or just a false report ?
|
| In my configuration, Sendmail is run as a standalone daemon.
| Should I include it in Xinetd to stop the Problem ?
Somehow I don't think its necessary (I could be wrong).
Look in /etc/<mail/>sendmail.cf for:
# load average at which we refuse connections
O RefuseLA=10
# maximum number of children we allow at one time
O MaxDaemonChildren=50
# maximum number of new connections per second
O ConnectionRateThrottle=3
Any of the above options should be able to prevent a DoS, from
their description, if they are implemented correctly. At least,
they'll offer as much protection as inetd can. I've used them
before when a mail script when crazy and caused too many
connections.
Anyway, Debian Potato ships with Exim, not sendmail.
| Thanks.
|
| --
| Best regards,
| Jean-Francois mailto:jfjoly@free.fr
|
|
|
| --
| To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
| with a subject of "unsubscribe". Trouble? Contact
| listmaster@lists.debian.org
|
Kind regards,
Berend
--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Berend De Schouwer, +27-11-712-1435, UCS
Reply to: