Nmap Development mailing list archives

Previous By Date Next
Previous By Thread Next

Re: TCP Resource Exhaustion Attacks

From: Robert E. Lee <robert () outpost24 com>
Date: Fri, 3 Oct 2008 12:55:25 +0100

On Oct 2, 2008, at 11:10 PM, Brandon Enright wrote:

Now, I'm not holding my breath that this attack is some new way to 0wn
the !nt3rweb$ but I think that there has to be some clever aspect to it 
that improves upon what everyone has known for years.
Fyodor's post brought up a couple of well known availability attacks with TCP. At least he is contributing to the discussion. Even though the attacks he talked about have been known publicly going on 8 years, they *still* negatively impact TCP availability today. That in and of itself proves that TCP availability issues are far from under control. Fyodor did miss the point of and underestimate the extent of Jack's research; Understandable considering he doesn't have all of the information yet.
Fyodor's (and others) frustration I think is largely due to this awkward partial discloser situation and the out of control barrage of fear mongering we all just endured. We'll hopefully be able to clear certain things up soon.
In the mean time... breath in through the nose... hold it... count to 3.... breath out through the mouth..... relax. :) 

Just wanted to say thank you for understanding.

Robert

--
Robert E. Lee
Chief Security Officer
Outpost24 - One Step Ahead
http://www.outpost24.com

SE Phone: +46-8-559-21231
US Phone: +1 801-542-9292
email: robert () outpost24 com
http://blog.robertlee.name


_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org
Previous By Date Next
Previous By Thread Next

Current thread: