Date: Sat, 15 Jul 2000 16:01:22 -0600 From: Wes Peters <wes@softweyr.com> To: Mike Nowlin <mike@argos.org> Cc: Dave McKay <dave@mu.org>, FreeBSD Security <freebsd_security@hotmail.com>, freebsd-security@FreeBSD.ORG Subject: Re: FreeBSD User Security Advisory: FreeBSD-SA-00:BG Message-ID: <3970DF32.6D988E56@softweyr.com> References: <Pine.LNX.4.21.0007150356230.24791-100000@jason.argos.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Mike Nowlin wrote:
>
> > > Topic: The Brett Glass user can DOS the FreeBSD mailing lists.
>
> Come on, people -- use some common sense...
>
> If you don't think that Brett's suggestions are useful (I haven't read
> them, so no opinions here as to their validity or his postings - I'm
> skipping these whole threads), just IGNORE them.
>
> Talk about adding fuel to the fire... In the two threads in question
> ("Two Kinds of Advisories" and "Displacement of Blame"), here's some
> stats as of right now:
>
> TKoB: 47 messages, 7 by BG
> DoB: 57 messages, 10 by BG
>
> Somehow, I don't think that he would have repeatedly responded to
> silence. Quit complaining about him clogging the list - BG's not the only
> one at fault here...
Yes, it seems that the BrettGlass attack is an "amplifying reflector",
like the multicast TCP ACK in the Stream attack. Since we can't quench
the source, it seems that rate-limiting the replies is the most effective
protection.
I've been trying... ;^)
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
wes@softweyr.com http://softweyr.com/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3970DF32.6D988E56>