Bugtraq mailing list archives

Re: udp packet storms

From: perry () imsi com (Perry E. Metzger)
Date: Mon, 31 Oct 1994 08:13:54 -0500


Peter Wemm says:

Darren Reed writes:

Sorry, I missed out on the reason why we should disable discard.
Would you mind explaining it ?  I thought it was like it's name sake -
a sink hole (blackhole if you like) for packets.  Sort of like /dev/null.


tcp discard allows a "hostile" remote site to pump in a large amount
of traffic into your net, possibly congesting your link to the
internet.


That can be done without having discard around, you know. I can simply
spray you with UDP datagrams on any port whether you accept them or
not -- routers are not psychic, you know. They pass on the traffic
regardless unless they are rigged to filter -- and usually they aren't.

Perry

Current thread:

udp packet storms Tim Newsham (Oct 29)
- Re: udp packet storms Chris Ellwood (Oct 29)
  - Re: udp packet storms Darren Reed (Oct 29)
    - Re: udp packet storms Chris Ellwood (Oct 30)
    - Re: udp packet storms Peter Wemm (Oct 30)
    - Re: udp packet storms Perry E. Metzger (Oct 31)
- Re: udp packet storms Pat Myrto (Oct 29)
  - Re: udp packet storms Darren Reed (Oct 30)
    - Re: udp packet storms John Hawkinson (Oct 30)
    - Re: udp packet storms Mark A. Fullmer (Oct 30)
  - Re: udp packet storms Charles Howes (Oct 30)
    - Re: udp packet storms Darren Reed (Oct 30)
    - Re: udp packet storms Wietse Venema (Oct 30)
  - Re: udp packet storms Jas (Oct 30)
  - Re: udp packet storms Perry E. Metzger (Oct 30)
    - Re: udp packet storms Tim Newsham (Oct 30)

(Thread continues...)