shroudBNC Board

Hi all,

I currently run a public BNC service for a network and currently serve over 500 users. Over the past couple days someone has found a way to crash sBNC no matter how hard I try to prevent it. They simply flood it with connections (unknown username/password) until it segfaults. It's extremely annoying and I'm unsure how to stop it permanently. I have scripted something that adds the IP to iptables to drop it, but it's not enough.

Any ideas?

Like I mentioned in a previous conversation, it might help to upgrade to the alpha version of 1.3. Don't worry, we don't know about any crashes with the latest alpha version.

This would also have the benefit of telling us if 1.3 is still vulnerable without having to find ways to simulate a DDOS attack.

Core dumps of either version might prove useful.

• There should be files called core.<some number> in you sbnc directory.
• Install gdb, if you don't already have it on your system.
• Run gdb ./sbnc <file name of one of the core files>.
• You will enter the gdb prompt where you should enter bt full and continue until you have the complete output.
• You can exit the gdb prompt by typing quit.
  

The output of gdb is what might prove useful to fix this problem.

I reproduced the problem with the latest 1.3 alpha and forwarded it to shroud.

Apologies for not getting back to you. I've been so busy that I forgot to look at this forum.

Thanks for forwarding it. Looking forward to any fixes (hopefully 1.2 perhaps..? ) since they can be field tested.

This problem has been fixed in svn. Checkout the latest version, re-install and you will be fine.