On Sun, 30 Dec 2001, Randall Stewart wrote:
> > Heh, you nailed the reverse of the problem we've seen: Right now the easy > > way to cause exhaustion is to fill up _send_ buffers, via netkill. I > > guess if we solve that problem, out of order segments could be used for an > > attack too. > > > > Mike: > > Interesting problem.. but I was thinking in terms of > a outside attacker.. not someone who has a login id on > your machine. That leads down another path... i.e. local > machine security. > > > R Heh, you don't have to be local to cause a machine to send you something. Just find a service which exists to send data (http, pop3, ftp, irc), and you're in business. Mike "Silby" Silbersack To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message
