tpop3d-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tpop3d-discuss]Tpop3d w/ssl crashes after Portscan

From: Martin Schmitt
Subject: Re: [tpop3d-discuss]Tpop3d w/ssl crashes after Portscan
Date: Sat, 21 Feb 2004 23:10:59 +0100
User-agent: Mutt/1.4.1i 
Hi everybody!

* address@hidden wrote/schrieb:

> Another new observation: I can bring tpop3d down by connecting to the pop3s
> port and then killing the connection. An nmap TCP scan or simple telnet to
> port 995 will do.
> 
> Feb 15 10:44:00 vortex tpop3d[11913]: [ID 702911 local0.error] quit: signal 
> 11 post_fork = 0
> 
> Again, this is Solaris 8 with OpenSSL 0.9.6c. I can't believe that this
> would-be-DoS hasn't been seen before, so I must be missing something in the
> configuration or elsewhere.
> 
> Here's the relevant line from the config. 
> 
> listen-address:  1.2.3.4 
> 1.2.3.4;tls=immediate,/etc/blah/cert.pem,/etc/blah/key.pem

Was the question really that bad? ;-)

So far, I wasn't able to come up with a solution, except for stls, which I
can't seem to get any client to cooperate with. 

Here's some debug output of when the crash happens, nothing spectacular:

connection_sendresponse: client [7]217.236.159.78/f00.net: sent `+OK 
<address@hidden>'
listeners_post_select: client [7]217.236.159.78/f00.net: connected to local 
address 80.242.134.130:995
quit: signal 11 post_fork = 0
Segmentation Fault (core dumped)

Picking up mail via TLS works nicely, but if the server is brought down
that easily, it's probably not a good idea to leave it running at all.

Any suggestions, gentlemen?

-martin
-- 
+-------------------------+------------------------+
| Martin Schmitt          | Schmitt Systemberatung |
| http://www.scsy.de/~mas | http://www.scsy.de     |
+-------------------------+------------------------+
reply via email to
[Prev in Thread] Current Thread [Next in Thread]