Date:      Sun, 25 Feb 1996 13:21:16 -0500
From:      "Garrett A. Wollman" <wollman@lcs.mit.edu>
To:        Warner Losh <imp@village.org>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: Alert: UDP Port Denial-of-Service Attack (fwd) 
Message-ID:  <9602251821.AA15742@halloran-eldar.lcs.mit.edu>
In-Reply-To: <199602240437.VAA14882@rover.village.org>
References:  <199602240437.VAA14882@rover.village.org>

<<On Fri, 23 Feb 1996 21:37:20 -0700, Warner Losh <imp@village.org> said:

> You'd not have these services :-)  Usually the daytime service can be
> moderately useful, since it doesn't suffer from the bombing problems
> (sure, you can get it to generate a packet, but it will be only
> one).

However, it is trivial to get the daytime service to ping-pong with
the echo service.  Same thing for the chargen service (don't know what
purpose that serves...)

> UDP is, at present, the only thing impacted.  It only takes one rogue
> packet to set them jabbering at each other (which is one reason we
> don't allow any IP packets with "src" of one of our netblock through
> our firewall).

Of course, that doesn't help you if the forged source is on someone
else's network...

> I don't see how a TCP attack could succeed given the
> three way handshake that is required by TCP to establish a connection.

Guess the Initial Sequence Number.  On old BSD systems, this was
almost trivial.  On modern BSD systems, this is much more difficult.

-GAWollman

--
Garrett A. Wollman   | Shashish is simple, it's discreet, it's brief. ... 
wollman@lcs.mit.edu  | Shashish is the bonding of hearts in spite of distance.
Opinions not those of| It is a bond more powerful than absence.  We like people
MIT, LCS, ANA, or NSA| who like Shashish.  - Claude McKenzie + Florent Vollant
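The echo/chargen/daytime ping-pong and the "no inbound packets with our own source addresses" firewall rule discussed in the thread, as an added detection example (not code from the original message or from FreeBSD); the flow records and the 192.0.2.0/24 netblock are constructed placeholders.

```python
"""Flag UDP small-service ping-pong traffic and spoofed-source ingress.

Added example for this thread, not code from the original message. The
flow records below are constructed; 192.0.2.0/24 is an assumed placeholder
for the site's own netblock.
"""
import ipaddress

# UDP "small services" named in the thread: one forged datagram between any
# two of them makes both hosts answer each other indefinitely.
SMALL_SERVICES = {7: "echo", 13: "daytime", 19: "chargen"}

INTERNAL_NET = ipaddress.ip_network("192.0.2.0/24")  # assumed placeholder

# Constructed flow records: (direction, proto, src_ip, src_port, dst_ip, dst_port)
FLOWS = [
    ("in",  "udp", "198.51.100.7", 7,     "192.0.2.10",  19),  # echo <-> chargen loop
    ("in",  "udp", "192.0.2.99",   5353,  "192.0.2.10",  7),   # arrives outside, claims inside src
    ("out", "udp", "192.0.2.10",   13,    "203.0.113.4", 7),   # daytime <-> echo loop
    ("in",  "udp", "203.0.113.5",  40000, "192.0.2.10",  53),  # ordinary DNS query
    ("in",  "tcp", "203.0.113.6",  40001, "192.0.2.10",  7),   # TCP echo: handshake, no UDP loop
]

def is_service_loop(proto, src_port, dst_port):
    """True when a UDP datagram has BOTH ports in the small-service set:
    each side will answer the other, so a single packet starts the loop."""
    return proto == "udp" and src_port in SMALL_SERVICES and dst_port in SMALL_SERVICES

def is_spoofed_ingress(direction, src_ip, internal=INTERNAL_NET):
    """Inbound packet on the outside interface whose source is inside our
    netblock: the forged-source case the firewall rule in the thread drops."""
    return direction == "in" and ipaddress.ip_address(src_ip) in internal

def classify(flows):
    """Return (src, dst, reason) for every flow that matches either check."""
    findings = []
    for direction, proto, src, sport, dst, dport in flows:
        if is_service_loop(proto, sport, dport):
            findings.append((src, dst,
                             f"udp {SMALL_SERVICES[sport]} <-> {SMALL_SERVICES[dport]} loop"))
        if is_spoofed_ingress(direction, src):
            findings.append((src, dst, "inbound packet with internal source address"))
    return findings

if __name__ == "__main__":
    for finding in classify(FLOWS):
        print(*finding)
```

The loop check catches the case the anti-spoofing rule misses, a forged source on someone else's network, since it looks at the port pair rather than the address.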
