Bugtraq mailing list archives
Re: Suspicion about denial of service attacks possible on IP.
From: jrvalverde () samba cnb uam es (J.R.Valverde)
Date: Tue, 22 Oct 1996 13:03:56 WET
Correct me if I'm wrong, but out of one corner of my head I seem to remember that there is a maximum number of pieces you can maintain, and that when it is filled, the system drops incomplete packets according to some algorithm or another (LRU, timeout, or some similar). Guess I should restore some old mind-backup to refresh my memory. Yup... ... ... ... . . . BSD 4.4-Lite:
/*
* IP timer processing;
* if a timer expires on a reassembly
* queue, discard it.
*/
void
ip_slowtimo()
{
... ...
So, on BSD you add fragments to a reassembly queue, which has
a life time, and when this time expires, the fragments go to the bit
bucket. The function is hooked in to a protosw table, to be called on
slow timeouts (500 ms, modifiable through PR_SLOWHZ).
Hence, I suppose there could possibly be a DoS attack, but you
would need to flush the host machine fast enough...
jr
Current thread:
- Suspicion about denial of service attacks possible on IP. Henrik P Johnson (Oct 21)
- Re: Suspicion about denial of service attacks possible on IP. Warner Losh (Oct 22)
- Re: Suspicion about denial of service attacks possible on IP. Jon Lewis (Oct 22)
- Re: Suspicion denied Nathan Lawson (Oct 22)
- Re: Suspicion about denial of service attacks possible on IP. Darren Reed (Oct 22)
- <Possible follow-ups>
- Re: Suspicion about denial of service attacks possible on IP. J.R.Valverde (Oct 22)
- Re: Suspicion about denial of service attacks possible on IP. Keith Bostic (Oct 22)