27 Jan
1999
27 Jan
'99
1:45 p.m.
Michel Pelletier wrote:
I noticed that when you FTP into ZServer it doesn't matter what userid or password you use, it allways says 'Login Successful'. Of course, your not authorized to see anything but your still logged in and there is still an open Medusa channel. Couldn't this be a hole into a possible Denial of Service attack?
How is this different from anonymous FTP? How do other servers limit denial of service attacks on anonymous FTP? Note that a medusa connection does not consume many resources and doesn't tie up the application in any way. Jim