Mailinglist Archive: opensuse-security (231 mails)
| < Previous | Next > |
RE: [suse-security] Fwd: DOS against SuSE's identd
- From: "Shinton, Daniel J." <DJShinto@xxxxxxxx>
- Date: Tue, 17 Aug 1999 08:01:27 -0400
- Message-id: <9A74C89D6696D2118E500008C7BA7C5609173CA3@xxxxxxxxxxxxxxxxxx>
>> SuSE seems not to be interested in this bug becaus they did not
>> answer any of my mails.
>
>Now THIS is a HUGE security problem. SuSE what's going on?
This is NOT a huge security problem. There are several identd
packages out there and some of those are susceptible to DoS attacks as well.
You can either change the timeout, switch to a more secure identd, or just
don't use identd at all. I'm sure SuSE will address this issue in future
releases.
Also, we shouldn't jump to conclusions about SuSE not answering his
email, the post on Bugtraq seems to have an anti-SuSE tone to it.
-Dan
>> answer any of my mails.
>
>Now THIS is a HUGE security problem. SuSE what's going on?
This is NOT a huge security problem. There are several identd
packages out there and some of those are susceptible to DoS attacks as well.
You can either change the timeout, switch to a more secure identd, or just
don't use identd at all. I'm sure SuSE will address this issue in future
releases.
Also, we shouldn't jump to conclusions about SuSE not answering his
email, the post on Bugtraq seems to have an anti-SuSE tone to it.
-Dan
| < Previous | Next > |