Re: Identd DoS Attacks
From: Simon Byrnand (simon@igrin.co.nz)Date: 10/15/01
- Previous message: Alejandro Perretta: "Limit the use of bandwich"
- In reply to: Seth Arnold: "Re: Identd DoS Attacks"
- Next in thread: Mathieu Desnoyers: "Re: Identd DoS Attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Message-Id: <3.0.6.32.20011015123939.008fe380@mail.igrin.co.nz> Date: Mon, 15 Oct 2001 12:39:39 +1300 To: Seth Arnold <sarnold@wirex.com>, focus-linux@securityfocus.com From: Simon Byrnand <simon@igrin.co.nz> Subject: Re: Identd DoS Attacks
At 11:28 AM 11/10/01 -0700, Seth Arnold wrote:
>my guess is that the high load average comes because your identd is
>being run out of inetd. This causes a fork()/exec() for every incoming
>request, which is understandably causing your system a lot of trouble.
>
>I don't know the details of identd, but perhaps it would be possible to
>re-write it so that it is always running, rather than started from
>inetd.
At least one alternate ident daemon I know of - oidentd, can be configured
to run in either inetd mode, or as a standalone daemon. Presumably the
standalone mode has a much lower system impact under high load. The ident
daemon that ships with Redhat 6.2 is also a daemon instead of being inetd
based....
Regards,
Simon
- Previous message: Alejandro Perretta: "Limit the use of bandwich"
- In reply to: Seth Arnold: "Re: Identd DoS Attacks"
- Next in thread: Mathieu Desnoyers: "Re: Identd DoS Attacks"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
