(Fwd) Denial of Service Vulnerability in Nagios

Ethan Galstad nagios at nagios.org
Tue Jul 22 00:54:18 CEST 2003


On 21 Jul 2003 at 6:40, Karl DeBisschop wrote:

> On Mon, 2003-07-21 at 00:59, Ethan Galstad wrote:
> > Anyone have any comments on this?  NRPE doesn't use much other than 
> > standard socket functions (listen(), accept(), send(), etc.), so I'm 
> > not sure what I could do other than tell people to run NRPE under 
> > inetd/xinetd...
> 
> I don't know if people can help without having a copy of the advisory. 
> 
> It might be useful to pass on the xinetd idea as a short-term workaround
> while you/we look further into it. But if you present that as a final
> solution, it might be taken as a refusal to take bugs seriously.
> 

Hehe - I knew I shouldn't have been trying to send coherent email out 
at midnight.  I've attached the originally omitted advisory.  From 
what I've seen looking around the net, protecting against SYN attacks 
usually involves mods to one's router or enabling SYN cookies in the 
kernel. I could be wrong though.  Anyone have any thoughts or 
comments on this?  

Ethan Galstad,
Nagios Developer
---
Email: nagios at nagios.org
Website: http://www.nagios.org

-------------- next part --------------
   ---- File information -----------
     File:  Qualys Security Advisory QSA-2003-07-17.txt
     Date:  21 Jul 2003, 17:51
     Size:  2057 bytes.
     Type:  Text
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Qualys Security Advisory QSA-2003-07-17.txt
Type: application/octet-stream
Size: 2057 bytes
Desc: not available
URL: <https://www.monitoring-lists.org/archive/developers/attachments/20030721/b7160eb6/attachment.obj>