Nmap Development mailing list archives
Re: TCP Resource Exhaustion Attacks
From: doug () hcsw org
Date: Thu, 2 Oct 2008 13:55:05 -0700
Hi all, I initially discounted this as a hoax because of the following news article: http://www.darkreading.com/blog.asp?blog_sectionid=403&doc_id=164939&WT.svl=tease2_2 """ Robert and I talk a lot, and I asked him if he'd be willing to DoS us, and he flatly said, "Unfortunately, it may affect other devices between here and there so it's not really a good idea." """ Along with the info that this attack targets TCP stacks, this sounds very suspect to me. Except for possibly TCP-level filters at the end-points or wasted network bandwidth, I fail to see how an attack against TCP stacks could affect devices in between. Maybe this is a case of journalists twisting his words. It's hard to tell with so little info and I look forward to reading the report in full. No idea if it is related or not, but there was a presentation about a new class of DoS attacks at CanSecWest 2007 that I found interesting and scary: V. Anil Kumar - National Aerospace Laboratories, Bangalore Low-Rate Denial-of-Service attacks It involves initiating a large file transfer using a modified TCP stack that sends ACK packets before it receives data. The objective is to saturate the target's upstream bandwidth by sending very few packets yourself. Doug
Attachment:
signature.asc
Description: Digital signature
_______________________________________________ Sent through the nmap-dev mailing list http://cgi.insecure.org/mailman/listinfo/nmap-dev Archived at http://SecLists.Org
Current thread:
- TCP Resource Exhaustion Attacks Fyodor (Oct 02)
- Re: TCP Resource Exhaustion Attacks Michael Pattrick (Oct 02)
- Re: TCP Resource Exhaustion Attacks Ron (Oct 02)
- Re: TCP Resource Exhaustion Attacks Fyodor (Oct 02)
- Re: TCP Resource Exhaustion Attacks RB (Oct 02)
- Re: TCP Resource Exhaustion Attacks Fyodor (Oct 02)
- Re: TCP Resource Exhaustion Attacks doug (Oct 02)
- Re: TCP Resource Exhaustion Attacks Brandon Enright (Oct 02)
- Re: TCP Resource Exhaustion Attacks Robert E . Lee (Oct 03)
- Re: TCP Resource Exhaustion Attacks Fyodor (Oct 06)
- Re: TCP Resource Exhaustion Attacks Robert E. Lee (Oct 06)
- Re: TCP Resource Exhaustion Attacks Kris Katterjohn (Oct 06)
- Re: TCP Resource Exhaustion Attacks Brandon Enright (Oct 02)
- Re: TCP Resource Exhaustion Attacks Fyodor (Oct 06)