In some mail from Renaud Deraison, sie said:
>
> On Tue, 7 Dec 1999, Darren Reed wrote:
>
> > Who has more free file descriptors & network ports, you or the ftp server ?
>
>
> The attack you are describing is not new - this is just a PASV attack,
> which has been around for years.
>
> Hopefully, this problem is now solved.
[...]
btw, a similar sort of attack can be mounted using the PORT command.
You just need to setup a local listener, etc, or get the ftp server
to try connect to lots of network 10 sites in < 75 seconds before
TCP connect's start timing out. I'll leave that as an exercise for
the reader - a correct fix for the PASV problem should fix this one
as well (and the exploit is almost the same too).
Darren
