[tpop3d-discuss] Tpop3d w/ssl crashes after Portscan
Martin Schmitt
mas at scsy.de
Sat, 21 Feb 2004 23:10:59 +0100

Hi everybody!

* mas@scsy.de wrote/schrieb:
> Another new observation: I can bring tpop3d down by connecting to the pop3s
> port and then killing the connection. An nmap TCP scan or simple telnet to
> port 995 will do.
>
> Feb 15 10:44:00 vortex tpop3d[11913]: [ID 702911 local0.error] quit: signal 11 post_fork = 0
>
> Again, this is Solaris 8 with OpenSSL 0.9.6c. I can't believe that this
> would-be-DoS hasn't been seen before, so I must be missing something in the
> configuration or elsewhere.
>
> Here's the relevant line from the config.
>
> listen-address: 1.2.3.4 1.2.3.4;tls=immediate,/etc/blah/cert.pem,/etc/blah/key.pem

Was the question really that bad? ;-)

So far, I wasn't able to come up with a solution, except for stls, which I
can't seem to get any client to cooperate with.

Here's some debug output of when the crash happens, nothing spectacular:

connection_sendresponse: client [7]217.236.159.78/f00.net: sent `+OK <22901ea40d45027f0322e68b616a2cc2@f00.net>'
listeners_post_select: client [7]217.236.159.78/f00.net: connected to local address 80.242.134.130:995
quit: signal 11 post_fork = 0
Segmentation Fault (core dumped)

Picking up mail via TLS works nicely, but if the server is brought down
that easily, it's probably not a good idea to leave it running at all.

Any suggestions, gentlemen?

-martin
--
+-------------------------+------------------------+
| Martin Schmitt | Schmitt Systemberatung |
| http://www.scsy.de/~mas | http://www.scsy.de |
+-------------------------+------------------------+