Pb with inetd and ftp/tcp
I'm using a debian systems for 3 years or so with no problem at all. But
recently I discovered a rather stranger behavior with inetd and
particularly with ftp
Imagine that an evil person want to crash your machine sending a lot of
non-authorized ftp requests like this (shell is zsh)
$ while `true`
$ do
$ lftp -u foo,bar -e ls target-host &
$ done
after a few loops, the inetd daemon detects a problem and stops the ftp
server.
--> I found this message in the /var/log/daemon.log of the target-host
(in fact localhost :-))
Jun 19 14:34:52 joebar inetd[22750]: ftp/tcp server failing (looping),
service terminated
So as I understand it, anyone who has a tcp access to a machine can send a
huge amount of invalid ftp request and therefore crashes (or stops) the
ftp server !!!
Is it a normal behavior ?
JM
--
Jean-Michel Rouet (thesard Dpt ITI) | Tel : +33 298 001 057
ENST de Bretagne | email : JM.Rouet@enst-bretagne.fr
29285 Brest Cedex |
France | http://www-iti.enst-bretagne.fr/~rouet/
Reply to: