[VANILLA-L:710] Solaris bug?

To: vanilla-l@us.netrek.org
Subject: [VANILLA-L:710] Solaris bug?
From: Bob Tanner <tanner@real-time.com>
Date: Wed, 12 Nov 1997 17:53:31 -0600
Reply-To: vanilla-l@us.netrek.org
Sender: owner-vanilla-l

Continuum is experiencing another attack on the netrek server. It a
denial of service attack that I believe is specific to Solaris.

What I see happening is these users hit the server then log off
immediately and they do it hundreds of times. Finally the server will
not allow any more connections. 

When I do a netstat I get hundreds of:

mage.2592 <remote hostname>.<port>  7884     15 8760      0 CLOSE_WAIT

The man on netstat says:

          CLOSE_WAIT          Remote shut down; waiting  for  the
                              socket to close.

So to me it looks like the remote side closed down the socket and the
server is waiting(?) for something before it closes it side of the
socket.

Am I following to this right? 

If this is happening I believe the server runs out of file descriptors
and that is why people cannot log in.



-- 
Bob Tanner <tanner@real-time.com>       | Phone : 612.943.8700
http://www.real-time.com                | Fax   : 612.943.8300
Key fingerprint =  6C E9 51 4F D5 3E 4C 66 62 A9 10 E5 35 85 39 D9 
+
++ Vanilla-l Mailing List ++
To unsubscribe: send "unsubscribe vanilla-l" to majordomo@real-time.com
For more information: http://archives.real-time.com

Follow-Ups:

[VANILLA-L:711] Re: [VANILLA-L:710] Solaris bug?

From: James Cameron <cameron@stl.dec.com>

Prev by Date: [VANILLA-L:711] Re: [VANILLA-L:710] Solaris bug?
Next by Date: [VANILLA-L:709] Re: 2 servers, 1 set of files?
Prev by thread: [VANILLA-L:709] Re: 2 servers, 1 set of files?
Next by thread: [VANILLA-L:711] Re: [VANILLA-L:710] Solaris bug?
Index(es):
- Main
- Thread