ARCHIVE :: Inet-Admins
Inet-Admins mailing list archive (inet-admins@info.east.ru)


Re: [inet-admins] Fw: FTP compromise.



I tried it on 2.4.2 academ-something-or-other. This machine (BSDI 2.1) has been running
since morning without problems. Only the load went up to 3.

> 
> I think that most of you receive bugtraq but for the sake of health 
> 
> 
> ------
> Ilya Shulman   ish@east.ru        +7-095-956-4951 ISH-RIPN
> East Connection ISP, Moscow, Russia. http://www.east.ru
> 
> ----------
> > From: Aleph One <aleph1@dfw.net>
> > To: BUGTRAQ@NETSPACE.ORG
> > Subject: FTP compromise.
> > Date: 9 September 1997 18:45
> > 
> > ---------- Forwarded message ----------
> > Date: Tue, 9 Sep 1997 14:43:46 +0100
> > From: Josef Karthauser <joe@pavilion.net>
> > To: security@FreeBSD.ORG
> > Subject: FTP compromise.
> > 
> > I found this today.  Any comments?
> > 
> > 
> > BUG:            wu_ftpd (all versions)
> > 
> > TESTED:         BSDI 3.0 (all patches), FreeBSD 2.2.1
> > 
> > DATE:           15th Aug 1997
> > 
> > REPEAT BY:      Log into a wu_ftp server (either anonymously or as a user)
> >                 and issue the command...
> > 
> >                 nlist ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/
> >                 ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/
> >                 ../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/../*/
> >                 ../*/../*/../*/../*/../*../*../*
> > 
> > DESCRIPTION:    You can severely compromise the ftp server's performance.
> >                 This command will create a HUGE directory listing, no
> >                 matter how many files/directories are in the current
> >                 directory (this is recursive).
> > 
> > CONSEQUENCES:   These vary.  On my FreeBSD 2.2 box I was able to eat up
> >                 all memory and swap memory until the kernel spewed
> >                 "out of swap space" errors and killed a few processes.
> >                 It also eats up all available CPU space (up to 99.22%
> >                 on my box).  If repeated a few times you will no
> >                 longer use up swap space and the processor usage will
> >                 rocket and stay there for quite a while (hours).  Since
> >                 the ftpd program is still processing the command your
> >                 ftp session will not idle timeout.  However, if you
> >                 do decide to kill your attacking ftp session, ftpd
> >                 will still process the command and therefore, the host's
> >                 resources will take a beating.
> > 
> >                 Basically, it looks like any user can severely drain
> >                 your system's resources - a kind of Denial of Service
> >                 attack.  I was able to use up all remaining processor
> >                 time for two hours (would have gone on for much longer
> >                 only I got bored and killed it).
> > 
> > CONTACT:        You can email me at ener@shell.firehouse.net if you
> >                 want to discuss this problem further (or let me know
> >                 if it works on any other ftpd).
> > 
> > --
> > Josef Karthauser
> > Technical Manager       Email: joe@pavilion.net
> > Pavilion Internet plc.  [Tel: +44 1273 607072  Fax: +44 1273 607073]
> =============================================================================
> "inet-admins" Internet access mailing list. Maintained by East Connection ISP.
> Mail "unsubscribe inet-admins" to Majordomo@east.ru if you want to quit.
> List archive is accessible at http://www.east.ru/inet-admins/
> 


-- 
Pavel V. Nikiforov.
nic-hdl: PVN1-RIPN
InterNIC: NP651
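A defender-side check for the class of NLST argument described in the report, as an added example that is not from the original thread or from wu_ftpd itself: it counts wildcard and `..` components in a glob argument, rejects patterns above a small budget, and runs that test over constructed FTP command log lines (the log format, the thresholds and the function names are assumptions).

```python
import re

# Constructed sample of FTP command log lines (not taken from the original page).
# Each wildcard component multiplies the number of candidate paths by the size of
# the directory it is expanded in, while ".." folds them all back onto the same
# few directories, so the server's work grows exponentially in the number of
# components even though the useful output does not.
SAMPLE_LOG = """\
Tue Sep  9 14:40:01 1997 anon@host1 NLST pub/*.tar.gz
Tue Sep  9 14:41:12 1997 anon@host2 NLST ../*/../*/../*/../*/../*/../*
Tue Sep  9 14:42:03 1997 user@host3 LIST incoming
Tue Sep  9 14:42:30 1997 anon@host4 NLST */*/*/*/*/*
"""

# Budgets are assumptions; legitimate listings rarely need more than a couple
# of wildcard components or parent references.
MAX_WILDCARD_COMPONENTS = 4
MAX_PARENT_REFS = 2

LOG_RE = re.compile(
    r"^(?P<ts>\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}) "
    r"(?P<who>\S+) (?P<cmd>\w+)(?: (?P<arg>\S+))?$"
)


def glob_risk(pattern):
    """Return (wildcard_components, parent_refs) for a slash-separated glob."""
    comps = [c for c in pattern.split("/") if c]
    wild = sum(1 for c in comps if any(ch in c for ch in "*?["))
    parents = sum(1 for c in comps if c == "..")
    return wild, parents


def is_pathological(pattern, max_wild=MAX_WILDCARD_COMPONENTS,
                    max_parents=MAX_PARENT_REFS):
    """True when the pattern exceeds either budget and should be refused."""
    wild, parents = glob_risk(pattern)
    return wild > max_wild or parents > max_parents


def scan_log(text):
    """Return (client, command, wildcards, parent_refs) for each risky listing."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m or m.group("cmd") not in ("NLST", "LIST") or not m.group("arg"):
            continue
        if is_pathological(m.group("arg")):
            wild, parents = glob_risk(m.group("arg"))
            hits.append((m.group("who"), m.group("cmd"), wild, parents))
    return hits
```

The same `is_pathological` test can sit in front of a server's glob expansion to refuse the argument before any filesystem work is done.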

Copyright © Lexa Software, 1996-2009.