Bugtraq mailing list archives
Re: Suspicion about denial of service attacks possible on IP.
From: jrvalverde () samba cnb uam es (J.R.Valverde)
Date: Tue, 22 Oct 1996 13:03:56 WET
Correct me if I'm wrong, but out of one corner of my head I seem to remember that there is a maximum number of pieces you can maintain, and that when it is filled, the system drops incomplete packets according to some algorithm or another (LRU, timeout, or some similar).

Guess I should restore some old mind-backup to refresh my memory.

Yup... ... ... ... . . . BSD 4.4-Lite:

/*
 * IP timer processing;
 * if a timer expires on a reassembly
 * queue, discard it.
 */
void
ip_slowtimo()
{
        ...
        ...

So, on BSD you add fragments to a reassembly queue, which has a lifetime, and when this time expires, the fragments go to the bit bucket. The function is hooked into a protosw table, to be called on slow timeouts (500 ms, modifiable through PR_SLOWHZ).

Hence, I suppose there could possibly be a DoS attack, but you would need to flush the host machine fast enough...

jr
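
The behaviour described in the message above, as an added example that is not part of the original post and is not BSD source: a small C model of reassembly queues aged by a slow timer every 500 ms. The names `frag_input`, `slowtimo`, `FRAG_TTL` and `MAXQ`, the 60-tick lifetime, the four-queue cap and the refuse-when-full policy are all assumptions made for illustration.

```c
#include <stdio.h>

#define PR_SLOWHZ 2   /* slow timeouts per second: one tick every 500 ms */
#define FRAG_TTL  60  /* assumed queue lifetime in slow ticks (30 s) */
#define MAXQ      4   /* assumed cap on concurrent reassembly queues */

/* One queue per datagram; keyed on the IP id only to keep the model small. */
struct reasm_q {
    int in_use;
    unsigned short id;
    int ttl;          /* slow ticks left before the queue is discarded */
};
static struct reasm_q queues[MAXQ];

/* Queue one fragment. Returns 0 if held, -1 if refused because the table is full. */
int frag_input(unsigned short id)
{
    struct reasm_q *slot = NULL;
    for (int i = 0; i < MAXQ; i++) {
        if (queues[i].in_use && queues[i].id == id)
            return 0; /* joins an existing queue; its lifetime is not refreshed */
        if (!queues[i].in_use && slot == NULL)
            slot = &queues[i];
    }
    if (slot == NULL)
        return -1;    /* hypothetical policy: refuse new datagrams when full */
    *slot = (struct reasm_q){ 1, id, FRAG_TTL };
    return 0;
}

/* Slow-timer hook: age every queue and discard expired ones. Returns the count discarded. */
int slowtimo(void)
{
    int dropped = 0;
    for (int i = 0; i < MAXQ; i++)
        if (queues[i].in_use && --queues[i].ttl == 0) {
            queues[i].in_use = 0;
            dropped++;
        }
    return dropped;
}

int main(void)
{
    for (unsigned id = 1; id <= MAXQ + 1; id++)
        printf("datagram id %u: %s\n", id, frag_input((unsigned short)id) ? "refused" : "queued");
    int ticks = 1;
    while (slowtimo() == 0) ticks++;
    printf("incomplete queues discarded after %d ticks (%d s)\n", ticks, ticks / PR_SLOWHZ);
    return 0;
}
```

In this model the table stays full for exactly `FRAG_TTL` ticks, so the window in which new fragmented datagrams are refused is bounded by the queue lifetime and the cap.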