Mike Silbersack wrote:
> 
> On Wed, 26 Dec 2001, Randall Stewart wrote:
> 
> > This comment facinates me. The reason we made SACK's in SCTP
> > revokeable is due to the potential DOS attack that someone
> > can supposedly lauch if you don't allow the stack to revoke.
> >
> > I can actually see the reason that Sally made the comments
> > and had us change it so that SACK's are revokeable. However
> > you argue to the contrary and I wonder which is correct.
> >
> > If you do not allow revoking it is the same as if a protocol
> > does not hold a drain() fucntion. A attacker could easily
> > stuff a lot of out-of-order segments at you and thus
> > fill up all your mbuf's or clusters (in my current testing
> > case). This would then yeild a DOS since you could no longer
> > receive any segments and leave you high and dry....
> 
> Heh, you nailed the reverse of the problem we've seen:  Right now the easy
> way to cause exhaustion is to fill up _send_ buffers, via netkill.  I
> guess if we solve that problem, out of order segments could be used for an
> attack too.
> 

Mike:

Interesting problem.. but I was thinking in terms of
a outside attacker.. not someone who has a login id on
your machine. That leads down another path... i.e. local
machine security.


R

> Just FWIW,
> 
> Mike "Silby" Silbersack
> 
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-net" in the body of the message

-- 
Randall R. Stewart
[EMAIL PROTECTED] 815-342-5222 (cell phone)

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-net" in the body of the message

Reply via email to