iptables v1.2.2 local DoS
From: red0x (red0x@users.sourceforge.net)
Date: 08/23/01
From: red0x <red0x@users.sourceforge.net>
To: vuln-dev@securityfocus.com
Subject: iptables v1.2.2 local DoS
Date: Thu, 23 Aug 2001 14:52:12 -0700
Message-Id: <01082314521202.03845@playground>
Some time ago, I posted a few messages that got rejected by the moderator.
This, hopefully, won't.
I was having problems involving my kernel (2.4.5) dying when I would try to
ssh from my webserver to my local workstation (using scp).
Here is what I have discovered so far:
iptables -A INPUT -j LOG -p tcp -i eth0 --syn --dport 22 -m limit --limit 2/s
causes a lock up when I try and SSH.
Is this a bug or just my misuse of the limit match?
--
--red0x