Tcp listen limit.
Damien Miller
djm at mindrot.org
Wed Jun 23 05:09:48 EST 2004
Fabio Yasusi Yamamoto wrote:
> Hi folks.
>
> Please, someone confirm if I'm right. If I'm wrong, please forgive me.
>
> I've developed a little tool to stress test tcp connections (sending
> syn and answer ack-syn) that simulates a real tcp connection
> (http://www.hostname.org/fake_connect).
>
> And I notice that several programs have a little tcp (listen
> backlog?) limit.
>
> One of these programs was OpenSSH. With this I can cause a temporary
> DoS on SSHd, preventing any user from logging on (sometimes the real
> connection is closed, sometimes it doesn't respond at all (there
> is no SYN-ACK)).
>
> My target platform was LINUX and FreeBSD.
>
> Here is my question:
> Is it possible in the configuration to increase the connection
> limit / listen backlog?
See the MaxStartups config parameter and the SSH_LISTEN_BACKLOG limit
in ssh.h
-d
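
Added example, not part of the original message and not OpenSSH source code: a small C model of how a `MaxStartups` value in the `start:rate:full` form described in sshd_config(5) maps the number of unauthenticated connections to a refusal probability, useful when picking values for a host that sees connection floods. The struct, function names, validation bounds and the sample value `10:30:60` are assumptions of this example.

```c
#include <stdio.h>

/* MaxStartups value as documented in sshd_config(5): "start:rate:full". */
struct max_startups { int start, rate, full; };

/* Parse "start:rate:full" or a single number; 0 on success, -1 if invalid. */
int parse_max_startups(const char *s, struct max_startups *m)
{
	int end1 = -1, end3 = -1;
	int n = sscanf(s, "%d%n:%d:%d%n", &m->start, &end1, &m->rate, &m->full, &end3);

	if (n == 3 && end3 >= 0 && s[end3] == '\0') {
		/* full three-field form, nothing trailing */
	} else if (n == 1 && s[end1] == '\0') {
		m->full = m->start;   /* single number: hard limit only */
		m->rate = 100;
	} else {
		return -1;
	}
	if (m->start < 1 || m->start > m->full || m->rate < 1 || m->rate > 100)
		return -1;
	return 0;
}

/* Percent chance that a new connection is refused while `unauth`
 * unauthenticated connections are already open. */
int drop_percent(const struct max_startups *m, int unauth)
{
	if (unauth < m->start)
		return 0;
	if (unauth >= m->full || m->rate == 100)
		return 100;
	/* linear ramp from rate% at start up to 100% at full */
	return m->rate + (100 - m->rate) * (unauth - m->start) / (m->full - m->start);
}

int main(void)
{
	struct max_startups m;
	const char *value = "10:30:60";   /* constructed sample value */

	if (parse_max_startups(value, &m) != 0)
		return 1;
	for (int n = 0; n <= 70; n += 10)
		printf("%2d unauthenticated -> %3d%% refused\n", n, drop_percent(&m, n));
	return 0;
}
```
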
More information about the openssh-unix-dev
mailing list