
Radware Linkproof: SSH port DoS

From: Martin Mačok <martin.macok(at)underground.cz>
Date: Fri Jun 27 2003 - 03:03:53 EDT


While doing an external pen-test I have found that Radware Linkproof boxes with port 22 open ("SSH-2.0-1.0 Radware SSH") do not allow 2 simultaneous connections to that port.

If I open one connection ("ssh whatever@<ip>") and let the daemon wait for the password (10 minutes no problem) then I cannot make another connection to port 22 on this box even from different source IP ("Connection closed by server: Server reached maximum number of simultaneous connections") until I explicitly close the first connection -- which means that I can easily DoS that service.

Can somebody with better knowledge of these devices tell me if this is the default behaviour or some clueless configuration (except the obvious one that this service is wide open to the Internet)?

Radware contacted 19.6. 2003. No response yet.

-- 
Martin Mačok                      http://underground.cz/
martin.macok(at)underground.cz    http://Xtrmntr.org/ORBman/
Received on Fri Jun 27 13:02:10 2003
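
The failure mode described in the message above, modelled as an added example (not part of the original post and not Radware's code): a listener with a single connection slot and no limit on how long an unauthenticated session may wait, beside the same listener with a pre-authentication grace period. The class, the 60-second grace value and the addresses are assumptions made for illustration.

```python
# Added illustration: a model of a management listener's connection slots.
# Only "one slot" and "10 minutes at the prompt" come from the post;
# every name and other number here is an assumption.
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Session:
    opened_at: float
    authenticated: bool = False


@dataclass
class SlotLimiter:
    max_sessions: int                      # 1 matches the behaviour in the post
    login_grace: Optional[float] = None    # seconds; None = wait forever
    sessions: dict = field(default_factory=dict)

    def _evict_stale(self, now):
        """Drop sessions still unauthenticated after the grace period."""
        if self.login_grace is None:
            return
        for peer, s in list(self.sessions.items()):
            if not s.authenticated and now - s.opened_at > self.login_grace:
                del self.sessions[peer]

    def connect(self, peer, now):
        """Return True if the peer gets a slot, False if it is refused."""
        self._evict_stale(now)
        if len(self.sessions) >= self.max_sessions:
            return False
        self.sessions[peer] = Session(opened_at=now)
        return True

    def authenticate(self, peer):
        self.sessions[peer].authenticated = True


def admin_locked_out(limiter, idle_seconds):
    """One peer connects at t=0 and idles at the password prompt; an
    administrator connects idle_seconds later. True = admin refused."""
    limiter.connect("203.0.113.10", now=0.0)   # constructed address
    return not limiter.connect("198.51.100.7", now=idle_seconds)


if __name__ == "__main__":
    print("as reported :", admin_locked_out(SlotLimiter(1), 600))
    print("60 s grace  :", admin_locked_out(SlotLimiter(1, login_grace=60), 600))
    print("within grace:", admin_locked_out(SlotLimiter(1, login_grace=60), 30))
```

A grace period only bounds the lockout window; restricting which source addresses can reach port 22 is what removes the exposure the post calls "the obvious one".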

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:40 EDT

