Vulnerability Development mailing list archives

Re: New DoS attack

From: BlueBoar () THIEVCO COM (Blue Boar)
Date: Sat, 17 Jun 2000 09:51:24 -0700


Luke Dudney wrote:


Or even using TCP to establish the connection, then UDP for game data?
This sounds a whole lot more reasonable (even easier) to implement, or am I
missing something?


No, because then you'd have one of those horrible protocols that passes
addresses and ports as part of the datastream, does backchannel
connections,
etc.. and will generally make firewall admins want to kill you.  I.e.
you just broke everyone's home NAT box, so they can't play their game
now.

A simple rip-off of the 3-way handshake from TCP (including the equiv
of sequence numbers, which must be non-predictable) will do the trick.
For blind spoofing anyway.  An attacker who can monitor the exchange
can still execute the DoS, but that's generally a much worse problem
anyway.

                                                BB

Current thread:

Re: New DoS attack Luke Dudney (Jun 15)
- Re: New DoS attack Bluefish (Jun 17)
- Re: New DoS attack Blue Boar (Jun 17)
- <Possible follow-ups>
- Re: New DoS attack Dave Booth (Jun 19)
  - Re: New DoS attack Blue Boar (Jun 19)
  - Re: New DoS attack Taneli Huuskonen (Jun 20)