X-RDate: Mon, 30 Mar 1998 08:52:33 +0600 (ESD)
Date: Thu, 26 Mar 1998 23:41:43 +0200
From: Michael Widenius <[email protected]>
To: [email protected]Subject: FW: mysql: Trivial mSQL/MySQL DoS method? (fwd)
Hi all,
Just FYI, here is what was posted to the MySQL list from the MySQL
author regarding the DoS attack.
Scott
-----FW: <[email protected]>-----
Date: Thu, 26 Mar 1998 23:41:43 +0200
Sender: [email protected]
From: Michael Widenius <[email protected]>
To: "Joel B. Stalder" <[email protected]>
Subject: mysql: Trivial mSQL/MySQL DoS method? (fwd)
Cc: [email protected]
This never was fatal (only VERY annoying) for MySQL 3.20 ! MySQL has
a timeout of 30 seconds for each read from the client. This means
that the 'hang' only lasts 30 seconds for MySQL.
MySQL 3.21.26 and below has the same problem.
>>From the changelog of 3.21.27 (I am compiling a distribution just now):
* Changed connect timeout to 3 seconds to make it somewhat harder
for crackers to kill mysqld trough telnet + TCP/IP.
Yours,
Monty
< original fwd by Joel B. Stalder removed >
