Vulnerability Development mailing list archives
Re: Naptha - New DoS
From: AV <av () GREMLIN RU>
Date: Mon, 11 Dec 2000 18:47:40 +0300
Mon, 11 Dec 2000 09:47:54 +0100 Stephane Aubert wrote:
Overview of the attack ====================== This attack can be launched from several sources (such as ddos infected computers or else) and use a very specific RESET server.
[snip]
New idea: --------- In order to consume resources on the victim ONLY and deny it, we use a reset server to close the connection on the attacker side.
Possibly, it's a good solution to use something similar to the traffic shaper, which should permit no more than MAX_CONN_PER_IP open connections from one given IP. I suppose, now it is a "must have" feature of every firewall. The only disadvantage I can suggest: the attacker may use more than one computer to launch the exploit, but finding an additional computer is much harder than a number of loop iterations. --- Alexey V. Vissarionov, av () gremlin ru
Current thread:
- Re: Naptha - New DoS, (continued)
- Re: Naptha - New DoS Lincoln Yeoh (Dec 09)
- Re: Naptha - New DoS Michael H. Warfield (Dec 09)
- Re: Naptha - New DoS Jose Nazario (Dec 09)
- Re: Naptha - New DoS Lincoln Yeoh (Dec 09)
- Re: Naptha - New DoS Ron DuFresne (Dec 09)
- Message not available
- Re: Naptha - New DoS Lincoln Yeoh (Dec 09)
- Re: Naptha - New DoS Simple Nomad (Dec 11)
- Re: Naptha - New DoS Dug Song (Dec 11)
- Re: Naptha - New DoS Stephane Aubert (Dec 12)
- Re: Naptha - New DoS AV (Dec 12)
- Re: Naptha - New DoS Damian Menscher (Dec 13)
- Re: Naptha - New DoS Ryan Permeh (Dec 15)
- Re: Naptha - New DoS Dug Song (Dec 15)