Sonicwall DoS

[Leon Rosenstein <l_rosenstein () MONTELSHOW COM>]

Hey everyone first time poster long time lurker.  Not sure if this qualifies
as a vulnerability or even if it will make the list however, in the
Sonicwall SoHo there is a limitation on the amount of connections that one
can open.  This sets up a denial of service scenario if one can “surpass”
the limit.  A denial of service condition exists if someone opens up more
then 2048 connections.  When this limit is surpassed the “cache” will
overflow and it will begin to drop internal connections.  A simple way to
re-create this is to run a tcp port scan on a host on the wan.  When you
open up more then 2048 connection it will begin to “complain” via the log

08/28/2000 10:18:46.368 -     The cache is full; over 2048 simultaneous
connections; some will be dropped -     Source:10.1.1.6, 2119, LAN -
Destination:xxx.xx.xx.xxx, WaN –

At this point all future connections will have a much less likely chance of
getting through as the port scanner saturates all remaining available
connections.

Again I am not sure if I even posted this right or adhered to any “posting
protocol”.  Anyone that has any suggestions or comments please feel free to
reach me via e-mail.

Thx,

Leon Rosenstein