Full Disclosure mailing list archives
Re: THC SSL DOS tool released
From: BH <lists () blackhat bz>
Date: Tue, 25 Oct 2011 23:15:27 +0800
To make it more difficult to DOS servers using SSL, the protocol could somehow be modified to challenge the client with some useless** but cpu-heavy calculation before the server starts acting. Of course it must be something that does not involve heavy calculation at the server side, otherwise its just dumb. It's just an idea, and I do not know if and how this is possible at all.
One problem I can foresee with this is a way to scale this in a secure manner. At one end of the spectrum you could have Grandma on her little 1.something ghz atom and on the other a mutli processor system or maybe even GPU. It could take many years to crack for a GPU but then unless ther is a way to scale that back to make it possible for the little atom (without being able to use the GPU for the weaker challenge). I have never actually looked at doing this and would be interested if there is actually a way to do this without it being weak in some way. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- THC SSL DOS tool released rm (Oct 24)
- Re: THC SSL DOS tool released Marsh Ray (Oct 24)
- Re: THC SSL DOS tool released Dan Luedtke (Oct 25)
- Re: THC SSL DOS tool released BH (Oct 25)
- Re: THC SSL DOS tool released Dan Luedtke (Oct 25)
- Re: THC SSL DOS tool released coderman (Oct 31)
- Re: THC SSL DOS tool released xD 0x41 (Oct 31)
- Re: THC SSL DOS tool released BH (Oct 25)
- <Possible follow-ups>
- Re: THC SSL DOS tool released Lamar Spells (Oct 25)