Re: [Nagios-devel] (Fwd) Denial of Service Vulnerability in Nagios
Posted: Mon Jul 21, 2003 7:43 pm
=2D----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
> On Tuesday 22 July 2003 08:06, Karl DeBisschop wrote:
> kernel switch or router protects against SYN flood - exhaustion of
> resource after 20 or so connections. Where this is says it can be
> created by only 2, I think the problem is likely in NRPE
>
> I can't claim to be the worlds greatest expert, but I'll check out the
> source tonight and see if I can help find anything. (Sounds like GDB
> could help find where for people who are setting doen to experiment from
> the implementation side, rather than from a code review.
>
> --
> Karl
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: VM Ware
> With VMware you can run multiple operating systems on a single machine.
> WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
> same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
> _______________________________________________
> Nagios-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/lis ... gios-devel
Hi=20
I have been following this topic and actually tested out on a x86 platform.=
=20
Tried sending a few SYN packets to the NRPE daemon, but I did not manage to=
=20
see it crash. Have anyone tested it yet?
Thanks and Best Regards,
Jasmine
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/HLKXNgvTa7Hj2AURAmcvAKCEAR6DPvu6DAs2ur4KEbEevhTv+ACfeksx
wn2gP6TO200uKG8N9isEABc=3D
=3DAs2q
=2D----END PGP SIGNATURE-----
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]
Hash: SHA1
> On Tuesday 22 July 2003 08:06, Karl DeBisschop wrote:
> kernel switch or router protects against SYN flood - exhaustion of
> resource after 20 or so connections. Where this is says it can be
> created by only 2, I think the problem is likely in NRPE
>
> I can't claim to be the worlds greatest expert, but I'll check out the
> source tonight and see if I can help find anything. (Sounds like GDB
> could help find where for people who are setting doen to experiment from
> the implementation side, rather than from a code review.
>
> --
> Karl
>
>
>
> -------------------------------------------------------
> This SF.net email is sponsored by: VM Ware
> With VMware you can run multiple operating systems on a single machine.
> WITHOUT REBOOTING! Mix Linux / Windows / Novell virtual machines at the
> same time. Free trial click here: http://www.vmware.com/wl/offer/345/0
> _______________________________________________
> Nagios-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/lis ... gios-devel
Hi=20
I have been following this topic and actually tested out on a x86 platform.=
=20
Tried sending a few SYN packets to the NRPE daemon, but I did not manage to=
=20
see it crash. Have anyone tested it yet?
Thanks and Best Regards,
Jasmine
=2D----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
iD8DBQE/HLKXNgvTa7Hj2AURAmcvAKCEAR6DPvu6DAs2ur4KEbEevhTv+ACfeksx
wn2gP6TO200uKG8N9isEABc=3D
=3DAs2q
=2D----END PGP SIGNATURE-----
This post was automatically imported from historical nagios-devel mailing list archives
Original poster: [email protected]