On Fri Sep 26, 2003 at 07:46:56PM +0200, Michael Scherer wrote:

> > Very true. But every openssh vuln hasn't been a crash or DoS. Mind
> > you, with openssh a DoS is bad enough. Need to remote admin servers?
> > What happens if the server goes down and you're stuck driving a long
> > time to get to the machine? (It's happened).
> >
> > A DoS in apache is one thing... ssh in and restart. A DoS in ssh is
> > another... how do you ssh in to fix it if ssh doesn't work?
>
> isn't there sshd-monitor for restarting ssh ?

In contribs. But that isn't the point. I can make a whole bunch of monitors to handle the other services as well.

What if this vuln didn't crash sshd but hung it? Doesn't sshd-monitor just restart ssh if it dies? What if this problem hung/froze sshd but didn't kill it? Just make it consume cpu, etc.

Anyways, that isn't really the point. I was demonstrating that something that looks like a "simple DoS" might have more adverse effects than one might think about by reading that it was just a "simple DoS".

--
MandrakeSoft Security; http://www.mandrakesecure.net/
Online Security Resource Book; http://linsec.ca/
"lynx -source http://linsec.ca/vdanen.asc | gpg --import"
{FE6F2AFD : 88D8 0D23 8D4B 3407 5BD7 66F9 2043 D0E5 FE6F 2AFD}
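The distinction raised in the message above, between an sshd that has died and one that still holds the port but no longer answers, as an added example that is not part of the original thread: a probe that classifies the service by whether it sends its SSH identification string. The function name `probe_sshd`, the state labels and the timeouts are assumptions, and the code makes no claim about how sshd-monitor itself works.

```python
import socket
import sys


def probe_sshd(host, port=22, timeout=5.0):
    """Classify an SSH listener by what a client sees on the wire.

    Returns "ok", "refused", "hung", "closed", "bad_banner" or "unreachable".
    A check that only asks "is the process alive?" cannot tell "ok" from "hung".
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"        # nothing is listening: the daemon is gone
    except socket.timeout:
        return "hung"           # connection attempt never completed
    except OSError:
        return "unreachable"    # routing or name-resolution failure

    with sock:
        sock.settimeout(timeout)
        try:
            data = sock.recv(256)
        except socket.timeout:
            return "hung"       # TCP handshake done, but the daemon never speaks
        except OSError:
            return "closed"     # reset before any data arrived

    if not data:
        return "closed"         # peer closed without sending anything
    # RFC 4253 section 4.2: the server sends a line starting with "SSH-",
    # optionally preceded by other lines of text.
    if any(line.startswith(b"SSH-") for line in data.splitlines()):
        return "ok"
    return "bad_banner"


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    state = probe_sshd(target)
    print(f"{target}: {state}")
    # A non-zero exit lets cron or a supervisor alert on anything but "ok".
    sys.exit(0 if state == "ok" else 1)
```

Run it from a host other than the one being checked, so that a machine pinned at 100% CPU cannot also stall the probe.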