From owner-freebsd-security Mon Mar 22 8:46:27 1999 Delivered-To: freebsd-security@freebsd.org Received: from wrath.cs.utah.edu (wrath.cs.utah.edu [155.99.198.100]) by hub.freebsd.org (Postfix) with ESMTP id AE1CB14C59 for ; Mon, 22 Mar 1999 08:46:26 -0800 (PST) (envelope-from danderse@cs.utah.edu) Received: from torrey.cs.utah.edu (torrey.cs.utah.edu [155.99.212.91]) by wrath.cs.utah.edu (8.8.8/8.8.8) with ESMTP id JAA10334; Mon, 22 Mar 1999 09:46:04 -0700 (MST) Received: (from danderse@localhost) by torrey.cs.utah.edu (8.9.1/8.9.1) id JAA08801; Mon, 22 Mar 1999 09:46:04 -0700 (MST) (envelope-from danderse@cs.utah.edu) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Date: Mon, 22 Mar 1999 09:46:04 -0700 (MST) From: "David G. Andersen" To: Erwan Arzur Cc: security@FreeBSD.ORG Subject: Re: natd + nmap ? In-Reply-To: Erwan Arzur's message of Mon, March 22 1999 <36F66F86.88FA36E3@netvalue.fr> References: <36F66F86.88FA36E3@netvalue.fr> X-Mailer: VM 6.43 under 20.4 "Emerald" XEmacs Lucid Message-ID: <14070.29563.424538.218011@torrey.cs.utah.edu> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org I assume this was scanning from *inside* the natd gateway to the outside world? That's not too surprising, though the drop behavior you suggest would be better. -Dave Lo and Behold, Erwan Arzur said: > I just tried to scan a FreeBDS3.0 w/ natd, and it appears that using the > -sU flag with nmap seems to completely lock natd at 100% cpu. Thus, > there is no way to send any packet in or out of the gateway. > > I am right assuming this is a kind of DOS attack ? Is there any way to > prevent this kind of thing to happen, like an option to natd to make it > drop incoming packets when reaching a given load ? -- work: danderse@cs.utah.edu me: angio@pobox.com University of Utah http://www.angio.net/ Computer Science - Flux Research Group "What's footnote FIVE?" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message