|
Family: Denial of Service --> Category: flood
MDaemon DoS Vulnerability Scan
Vulnerability Scan Summary Crashes the remote MTA
Detailed Explanation for this Vulnerability Test
It was possible to crash the remote SMTP server
by opening a great amount of sockets on it.
This problem allows a possible hacker to make your
SMTP server crash, thus preventing you
from sending or receiving e-mails, which
will affect your work.
*** Note that due to the nature of this vulnerability,
*** Nessus can not be 100% positive on the effectiveness of
*** this flaw. As a result, this report might be a false positive
Solution :
If your SMTP server is constrained to a maximum
number of processes, i.e. it's not running as
root and as a ulimit 'max user processes' of
256, you may consider upping the limit with 'ulimit -u'.
If your server has the ability to protect itself from
SYN floods, you should turn on that features, i.e. Linux's CONFIG_SYN_COOKIES
The best solution may be Cisco's 'TCP intercept' feature.
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|