From owner-man-jp-reviewer@jp.freebsd.org  Mon Jan  4 15:49:21 1999
Received: (from daemon@localhost)
	by jaz.jp.freebsd.org (8.9.1+3.1W/8.7.3) id PAA18293;
	Mon, 4 Jan 1999 15:49:21 +0900 (JST)
	(envelope-from owner-man-jp-reviewer@jp.FreeBSD.org)
Received: from mail.nk.rim.or.jp (root@mail.nk.rim.or.jp [202.247.130.165])
	by jaz.jp.freebsd.org (8.9.1+3.1W/8.7.3) with ESMTP id PAA18286
	for <man-jp-reviewer@jp.freebsd.org>; Mon, 4 Jan 1999 15:49:18 +0900 (JST)
	(envelope-from kuma@nk.rim.or.jp)
Received: from laurel.nk.rim.or.jp (ppp088.nk.rim.or.jp [202.247.176.88])
	by mail.nk.rim.or.jp (8.8.5/3.6W-RIMNET-98-06-09) with ESMTP id PAA18682
	for <man-jp-reviewer@jp.freebsd.org>; Mon, 4 Jan 1999 15:49:16 +0900 (JST)
Message-Id: <199901040649.PAA18682@mail.nk.rim.or.jp>
Received: from localhost (localhost [127.0.0.1]) 
	by laurel.nk.rim.or.jp (8.8.8/8.8.8laurel981130) with ESMTP id PAA01448
To: man-jp-reviewer@jp.freebsd.org
In-reply-to: Your message of "Thu, 31 Dec 1998 23:21:12 JST."
	 <19981231232112S.k-horik@yk.rim.or.jp> 
Date: Mon, 04 Jan 1999 15:41:20 +0900
From: Norihiro Kumagai <kuma@nk.rim.or.jp>
Reply-To: man-jp-reviewer@jp.freebsd.org
Precedence: list
X-Distribute: distribute version 2.1 (Alpha) patchlevel 24e+981115
X-Sequence: man-jp-reviewer 881
Subject: [man-jp-reviewer 881] Re: security.7 
Errors-To: owner-man-jp-reviewer@jp.freebsd.org
Sender: owner-man-jp-reviewer@jp.freebsd.org
X-Originator: kuma@nk.rim.or.jp

$B7'C+$G$9!#(B

security.7 $B:F$S=$@5$7$^$7$?!#(B
1988 -> 1998 $B$bD>$7$F$*$-$^$7$?!dB@ED$5$s%5%s%/%9!#(B

$B86J8$NJ}$O!"(B3.0-19981225-SNAP $B$N$"$H!"(B3.0-19981226-SNAP $B$A$e$&$N$,(B
$B=P$F$F!"(Bhacker $B$r(B intruder $B$KBX$($k(B:-)$B$H$+$$$&=$@5F~$C$F$^$7$?!#(B
  
$B$$$m$$$mLLE]$@$7EvJ,92$F$kI,MW$O$J$$$N$G!"$7$P$i$/<j85$G29$a$F$*$$$F!"(B
1/20 $B$4$m$KG<IJ(B?!$B$7$^$9!#(B

In Message <19981231232112S.k-horik@yk.rim.or.jp>,
  Kazuo Horikawa <k-horik@yk.rim.or.jp> writes:
$BKY@n(B>  $B%U%!%$%k%Q%9$K$O(B Pa $B$b;H$C$?J}$,$h$+$C$?$+$b$7$l$^$;$s!#(B

.Pa $B$r;H$&$h$&$K=$@5$rF~$l$F!"(Bsend-pr $B$7$F$*$-$^$7$?!#(B

$B7'C+(B> $B!&(Bhellofalot of trouble $B$C$F$I$&$$$&0UL#!)(B
$BKY@n(B>  $BB8$8$^$;$s$G$9(B _o_

$B!t(B  $B0l=V!"?7<j$N%U%!%_%l%9$NL>A0$+$H;W$C$?!D!d(Bhellofalot

$B$G$O!"(BMathew Dillon $B$5$s$KJ9$$$F$_$k$+!#(B

> # have the security scp and then ssh $B$G!"%;%-%e%j%F%#%9%/%j%W%H$K(B scp 
> # $B$H(B ssh $B$5$;$k$H$$$&2r<a(B

$B$3$l$K$O5$$E$$$F$$$^$;$s$G$7$?!#:G=iLu$7$?;~$O(B scp(1) $B$C$F$J$s$@$m!<$H(B
$B;W$C$F$$$?$N$G$9$,!"IwO$$NCf$G(B ssh $B$NCg4V$@$H5$$E$-$^$7$?!#$J$k$[$I!D(B
$B$H$$$&$3$H$G!"$4;XE&$N%"%$%G%#%"$rH?1G$5$;!"(B

  $B:G$bIaDL$N%A%'%C%/J}K!$O!"%;%-%e%j%F%#%9%/%j%W%H$G!"(B
  $B$^$:!"(Bfind $B$H(B md5 $B$N%P%$%J%j%U%!%$%k$r%j%b!<%H%^%7%s$K(B scp(1) 
  $B$7$F$+$i!"%j%b!<%H%7%9%F%`$NA4$F$N%U%!%$%k(B ($B$b$7$/$O!">/$J$/$H$b(B
  /, /var, /usr $B%Q!<%F%#%7%g%s(B!) $B$KBP$7$F(B md5 $B$rE,MQ$9$k%7%'%k%3%^%s%I$r(B
  ssh $B$r;H$C$F%j%b!<%H%^%7%s$G<B9T$9$k$b$N$G$9!#(B

$B$H$7$F$*$-$^$7$?!#(B
  
> due to load lag $B$,$h$/$o$+$i$J$$$N$G$9$,!":G=i$N(B than vs then $B$N$h$&$K!"(B
> $B$3$3$b(B than $B$r(B then $B$H$7$F$7$^$C$?$H$$$&$3$H$O$J$$$G$7$g$&$+!#(B
> $B$b$7$=$&$@$H$9$k$H!"(B
> 	sendmail $B$,Hw$($F$$$k(B -OMaxDaemonChildren$B%*%W%7%g%s$O!"(B
> 	sendmail $B$NIi2Y@)8B%*%W%7%g%s$h$j$b$:$C$H$^$H$b$KF0:n$9$k2DG=(B
> 	$B@-$,9b$$$G$9!#$J$<$J$iIi2Y$K$O%i%0(B ($BCY$l(B) $B$,$"$k$?$a$G$9!#(B
> $B$H$7$F0UL#$,DL$80W$$$H;W$$$^$9!#(B

$B$3$N<q;]$K=>$C$F(B send-pr $B$N>e!"(B

  sendmail $B$K$O!"(B-OMaxDaemonChildren $B%*%W%7%g%s$,$"$j$^$9!#Ii2Y$K$O(B
  $BCY$l$,$"$k$N$G!"(Bsendmail $B$NIi2Y$K8B3&$r@_$1$k%*%W%7%g%s$r;H$&$h$j$b!"(B
  $B$3$N%*%W%7%g%s$r;H$&J}$,$^$H$b$KF0:n$9$k2DG=@-$O$O$k$+$K9b$$$G$9!#(B

$B$H$7$F$*$-$^$7$?!#(B

> > .\"X This type of attack can also crash the server by running
> > .\"X it out of mbuf's, especially if the server cannot drain the ICMP
> > .\"X responses it generates fast enough.
> 
> $B967b<T$,(B ICMP $B1~Ez$r:n@.$9$k$H$O=q$+$l$F$$$J$$$N$G!"(B
> 	$B967b<T$N@8@.$,Aa2a$.$F!"(B
> 	$B%5!<%P$,(BICMP $B1~Ez$r=P$7?T$/$9$3$H$,$G$-$J$$>l9g!"(B
> 	$B$H$/$K$R$I$$$3$H$K$J$j$^$9!#(B
> $B$H$9$k$N$O$I$&$G$7$g$&!#(B

$B$b$&0lEYFI$_D>$7$F$_$^$7$?!#(Bit generates fast enough $B$N(B it $B$O(B
$B967b$r<u$1$?%^%7%s<+?H$r;X$7$F$$$k$H9M$($?$$$G$9!#$D$^$j!"(B

  $B%(%i!<$NAG$,$I$s$I$sE~Ce$7$F!"%+!<%M%kFbIt$G(B ICMP $B%(%i!<1~Ez$,$I$s$I(B
  $B$s@8;:(B(generate)$B$5$l(B mbuf $B$,$I$s$I$s>CHq$5$l$F$f$/!#0lJ}!"Aw?.%-%e!<(B
  $B$KN/$C$?(B ICMP $B%(%i!<1~Ez$r%M%C%H%o!<%/%$%s%?%U%'!<%9$+$i303&$KA]$-=P(B
  $B$9(B(drain)$B$N$,DI$$IU$+$J$$!#$=$N$&$A(B mbuf $B?)$$DY$7$F%7%9%F%`$,Ht$V!#(B

$B$H$$$&>u67$r5-=R$7$F$$$k$N$G$O$J$$$+$H$$$&$3$H$G$9!#$G!"(B

  mbuf $B$r>CHq$7?T$/$5$;$k$3$H$K$h$j!"$3$N<o$N967b$G%5!<%P$r(B
  $B%/%i%C%7%e$5$;$k$3$H$b2DG=$G$9!#%5!<%P$N(B ICMP $B1~Ez@8@.$,B.2a$.$F!"(B
  ICMP $B1~Ez$rAw?.$7?T$/$9$3$H$,$G$-$J$$>l9g!"FC$K$R$I$$$3$H$K(B
  $B$J$j$^$9!#(B

$B$H$7$F$*$-$^$7$?!#(B

--
$B7'C+(B $BE5Bg(B
