| Subject | Re: [firebird-support] Potential DoS attack on firebird |
|---|---|
| Author | unordained |
| Post date | 2004-08-18T22:24:19Z |
As an aside: we still haven't pinned down what caused our FB 1.5 installation to go nuts on the
production server when we installed it there a couple weeks ago. Helen suggested it might have been
the fact we still had FB 1.0 clients installed on the desktops (in fact, Paul found we still had
some IB 6 client libraries, too) -- we finished upgrading all the clients to 1.5 libraries, and
will try for a 1.5 server again later, maybe this week. Paul had found that if he connected to it,
nothing weird happened (he had 1.5 libraries already installed on his development machine), but
when connecting from our NT4 citrix box, with libraries not updated, it would happen. (I only found
this out later -- at first I was told any connections to it would cause the cpu usage to jump
immediately.)
But I wonder if these are related issues? (That is, FB 1.5 not liking certain
requests/packets/whatever, and going into 100% cpu usage mode so long as the connection stays open?)
-Philip
---------- Original Message -----------
From: Jacob Alberty <calberty@...>
To: firebird-support@yahoogroups.com
Sent: Wed, 18 Aug 2004 17:23:15 -0500
Subject: [firebird-support] Potential DoS attack on firebird
production server when we installed it there a couple weeks ago. Helen suggested it might have been
the fact we still had FB 1.0 clients installed on the desktops (in fact, Paul found we still had
some IB 6 client libraries, too) -- we finished upgrading all the clients to 1.5 libraries, and
will try for a 1.5 server again later, maybe this week. Paul had found that if he connected to it,
nothing weird happened (he had 1.5 libraries already installed on his development machine), but
when connecting from our NT4 citrix box, with libraries not updated, it would happen. (I only found
this out later -- at first I was told any connections to it would cause the cpu usage to jump
immediately.)
But I wonder if these are related issues? (That is, FB 1.5 not liking certain
requests/packets/whatever, and going into 100% cpu usage mode so long as the connection stays open?)
-Philip
---------- Original Message -----------
From: Jacob Alberty <calberty@...>
To: firebird-support@yahoogroups.com
Sent: Wed, 18 Aug 2004 17:23:15 -0500
Subject: [firebird-support] Potential DoS attack on firebird
> While toying with firebird 1.5.0 i discovered a method of locking it------- End of Original Message -------
> (bad news was i found it on a production system during a busy time) it
> appears to affect 1.5.0 and 1.5.1 nptl SS, havent tested others and it
> only appears to work on windows systems, would it be ok if i posted this
> information here or is there a better place to post it? (i can reproduce
> it reliably using netcat)
>
> ------------------------ Yahoo! Groups Sponsor --------------------~-->
> Make a clean sweep of pop-up ads. Yahoo! Companion Toolbar.
> Now with Pop-Up Blocker. Get it for free!
> http://us.click.yahoo.com/L5YrjA/eSIIAA/yQLSAA/67folB/TM
> --------------------------------------------------------------------~->
>
> Yahoo! Groups Links
>
>
>