Geoff Thorpe <[EMAIL PROTECTED]> writes:
> > just didn't understand why Slapper was doing it since it only tries to
> > probe your machine once AFAIK. But if you have a lot of IPs....
>
> But along the lines of what the original poster mentioned, this courtesy
> from Slapper can hardly be relied upon - someone could easily modify it
> to DoS any apache servers that it can't otherwise exploit.
That's what I as trying to say, but I guess I wasn't clear enough.
> Ie. make the
> virus tie up all the child-processes (doing the DoS connections from any
> previously exploited/controlled servers). The question however is; what
> *exactly* is the problem?
I don't think it matters. Just open a connection and spit out a
partial SSL message. This ought to stall the server till the network
timeouts are done.
-Ekr
--
[Eric Rescorla [EMAIL PROTECTED]]
http://www.rtfm.com/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
