Bugtraq mailing list archives

Re: Suspicion denied

From: nlawson () kdat csc calpoly edu (Nathan Lawson)
Date: Tue, 22 Oct 1996 07:47:09 -0700


Henrik said:

I was idly reading through Internetworking with TCP/IP yesterday when it
hit me what might be a possible denial of service attack on IP stacks. What
would happen if a host was bombarded with faked fragments of large IP
packages. Would
the stack allocate more and more memory trying to reconstruct the packages or
do they operate with a fixed/max size limit on memory allocated for IP
defragmentation?


No.  At the very least, ip_drain() is called when the kernel needs more memory
and its first task is to drop all fragments.

General request:  Please desist with the silly ping ramblings.

--
Nate Lawson                  "There are a thousand hacking at the branches of
CPE Senior                    evil to one who is striking at the root."
CSL Admin                              -- Henry David Thoreau, 'Walden', 1854

Current thread:

Suspicion about denial of service attacks possible on IP. Henrik P Johnson (Oct 21)
- Re: Suspicion about denial of service attacks possible on IP. Warner Losh (Oct 22)
- Re: Suspicion about denial of service attacks possible on IP. Jon Lewis (Oct 22)
- Re: Suspicion denied Nathan Lawson (Oct 22)
- Re: Suspicion about denial of service attacks possible on IP. Darren Reed (Oct 22)
- <Possible follow-ups>
- Re: Suspicion about denial of service attacks possible on IP. J.R.Valverde (Oct 22)
- Re: Suspicion about denial of service attacks possible on IP. Keith Bostic (Oct 22)