Dailydave mailing list archives
Re: Algorithmic Bugs
From: Matt Beaumont <mattb () cs ucla edu>
Date: Wed, 10 Jan 2007 12:51:48 -0800
On Wed, Jan 10, 2007 at 12:37:11 -0500, Dave Aitel wrote:
You can send a remarkably small stream of data at a NIDS and cause it to go to 100% CPU and stop doing analysis if you send the RIGHT stream of data.
The canonical paper is Rice and Wallach's "Denial of Service via Algorithmic Complexity Attacks" [1], from USENIX Security '03. They also have a page [2] with some followup work identifying specific vulnerabilities. Cheers, Matt [1] http://www.cs.rice.edu/~scrosby/hash/CrosbyWallach_UsenixSec2003.pdf [2] http://www.cs.rice.edu/~scrosby/hash/ _______________________________________________ Dailydave mailing list Dailydave () lists immunitysec com http://lists.immunitysec.com/mailman/listinfo/dailydave
Current thread:
- Algorithmic Bugs Dave Aitel (Jan 10)
- Re: Algorithmic Bugs Randy Smith (Jan 10)
- Re: Algorithmic Bugs Thomas Ptacek (Jan 10)
- Re: Algorithmic Bugs Randy Smith (Jan 10)
- Re: Algorithmic Bugs Matt (Jan 10)
- Re: Algorithmic Bugs Randy Smith (Jan 10)
- Re: Algorithmic Bugs Matt Beaumont (Jan 10)
- <Possible follow-ups>
- Re: Algorithmic Bugs Steven M. Christey (Jan 10)