nanog mailing list archives

Re: DoS, ICMP, proxies, SYNDefender


From: Michael Dillon <michael () memra com>
Date: Fri, 4 Oct 1996 12:43:55 -0700 (PDT)

On Fri, 4 Oct 1996, Tim Bass wrote:

Right on! PHRACK will be publishing my program to transmit bogus ICMP
UNREACHABLE packets in the December 2001 issue. It's called the Bass
Player. :-)

Wonderful!  And Phrack will publish a patch to ip_input.c that redirects all
bogus ICMP directs to root name servers as SYN packets called the
Dillon Diversion :-)  (think about it..)

I have thought about it. If the Internet industry spends a couple of years
deploying ICMP UNREACHABLE as you have asked, then they will have created
a weakness that can be exploited by the Bass Player. Even though a
solution to this problem could be deployed, it would also take years to
work its way into most network hosts.

The solution is to not deploy something that creates new attack
possibilities.

Michael Dillon                   -               ISP & Internet Consulting
Memra Software Inc.              -                  Fax: +1-604-546-3049
http://www.memra.com             -               E-mail: michael () memra com
