Multiple Platform remote CPU load issue in Samba 1.x and 2.x
Gerald Carter
gcarter at valinux.com
Wed Jun 14 13:53:39 GMT 2000
"J. Robert von Behren" wrote:
>
> The open question is what the appropriate fix should be.
> My thought is to simply track the number of bogus requests
> sent to the server, and kill the connection when too
> many of them have been seen.
Just off the top of my head, won't the next bogus request
(after being dropped) just cause another forked smbd
resulting in the same behavior?
But let's put this into perspective. Everyone should know
that if they allow the standard NetBIOS ports through
their firewall, the are asking for it. If someone on
your internal network does this, you yank their network
cable for a week minimum and bang on their head with a
rubber bat. :-)
Let's address the risk. I know the DoS is real,
but is it realistic. Just asking. No flames please.
jerry
----------------------------------------------------------------------
/\ Gerald (Jerry) Carter Professional Services
\/ http://www.valinux.com VA Linux Systems gcarter at valinux.com
http://www.samba.org SAMBA Team jerry at samba.org
http://www.eng.auburn.edu/~cartegw
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )
More information about the samba-technical
mailing list