Subject: Re: inetd losing sockets
To: Neil Walker <netbsd@wynded.co.uk>
From: Stephen Borrill <netbsd@precedence.co.uk>
List: netbsd-users
Date: 11/01/2005 12:01:11

On Mon, 31 Oct 2005, Neil Walker wrote:
>> If you look in /var/log/messages, you'll probably see it complaining that
>> the service is looping and so will be terminated. This is down to the
>> number of requests per minute. Up this by putting a number after the
>> wait/nowait, e.g.:
> That was precisely the problem.
>
> Seems a bit odd, though. Here am I, a theoretical program running a denial of
> service attack on your server. If I launch enough requests, inetd is going to
> close the socket, thereby making the service permanently unavailable. Doesn't
> that mean that I win?

Yes, but you have to weigh this up against DoS down to resources being
exhausted and insulation from a brute-force password attack (for example),
both of which could cause more major damage. Perhaps inetd should restart the service
after a while (exactly as init does with gettys). Or perhaps it does, but
is undocumented.

(CC: set to netbsd-users).
--
Stephen
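
An added example, not part of the original message: the requests-per-minute limit discussed above is set per service in inetd.conf, so a short audit shows which services run on the default and would be shut off first under a burst. The sample configuration is constructed; the `.` or `:` separator and the default of 40 spawns per 60 seconds are assumptions based on the NetBSD inetd(8) manual page and should be checked against the local one.

```python
import re

DEFAULT_MAX = 40  # assumption: inetd(8) default when no number follows wait/nowait

# Constructed sample inetd.conf, not taken from the thread.
SAMPLE_CONF = """\
# service  type    proto  wait        user    program             args
ftp        stream  tcp    nowait      root    /usr/libexec/ftpd   ftpd -ll
pop3       stream  tcp    nowait:200  root    /usr/libexec/popd   popd
tftp       dgram   udp    wait.10     root    /usr/libexec/tftpd  tftpd /tftpboot
ident      stream  tcp    nowait:0x   nobody  /usr/libexec/identd identd
broken line
"""

# Fourth field: wait or nowait, optionally followed by '.' or ':' and a number.
WAIT_RE = re.compile(r"^(wait|nowait)(?:[.:](\d+))?$")


def spawn_limits(conf_text, default=DEFAULT_MAX):
    """Return (entries, skipped_line_numbers).

    Each entry is (service, proto, mode, per_minute_limit, explicit), where
    explicit is False when the service relies on the default limit.
    """
    entries, skipped = [], []
    for lineno, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line or comment
        fields = line.split()
        match = WAIT_RE.match(fields[3]) if len(fields) >= 6 else None
        if match is None:
            skipped.append(lineno)  # too few fields or malformed wait field
            continue
        mode, number = match.groups()
        limit = int(number) if number is not None else default
        entries.append((fields[0], fields[2], mode, limit, number is not None))
    return entries, skipped


if __name__ == "__main__":
    entries, skipped = spawn_limits(SAMPLE_CONF)
    for service, proto, mode, limit, explicit in entries:
        source = "explicit" if explicit else "default"
        print(f"{service}/{proto}: {mode}, {limit} per minute ({source})")
    print("unparsed lines:", skipped)
```

Lines reported as unparsed deserve a manual look, since a malformed wait field means the limit actually in force for that service is not what the file appears to say.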