New Denial of Service Attack on Panix\
Avi Freedman
freedman at netaxs.com
Thu Oct 3 06:46:37 UTC 1996
> The draft BCP that people are working on is OK.
>
> However, much of what I have seen today in my lab, might
> be better off discussed in private... I'll say, as most
> of you know, SR filtering is useful, but it cannot
> stop the attacks.
>
> Kernel Protection and Recovery Tools are Critical
> and Needed in a Hurry.
>
> Right now, I could use a 'simple command line flush
> the queue, close all sockets, release all descriptors'
> tool.
Comment out the line in /etc/inetd.conf; kill -1 the inetd proc;
stop any processes listing on those ports; comment it back in;
kill -1 inetd again. If you want to command-line it, move a file with
the commented line in and out of /etc/inetd.conf's place.
When there's nothing listening on those ports all the sockets, descriptors,
queues, pcbs, etc... go away.
Is this not what you were thinking of?
> If anyone has such a critter, it is one more brick
> in the wall.
>
> Please let me know. via e-mail, thanks.
>
> Regards,
>
> Tim
Avi
More information about the NANOG
mailing list