[63452] in North American Network Operators' Group
Re: Kiss-o'-death packets?
daemon@ATHENA.MIT.EDU (Peter Galbavy)
Mon Oct 6 05:09:32 2003
From: "Peter Galbavy" <peter.galbavy@knowtion.net>
To: "Sean Donelan" <sean@donelan.com>, <Valdis.Kletnieks@vt.edu>
Cc: <nanog@merit.edu>
Date: Mon, 6 Oct 2003 10:08:46 +0100
Errors-To: owner-nanog-outgoing@merit.edu
Sean Donelan wrote:
> Should other protocols include the same feature? If someone sends you
> a Dynamic DNS update, could the protocol include a kiss-o'-death
> packet to tell clients to go away? If someone keeps probing your
> HTTP server, should HTTP include a kiss-o'-death packet to tell
> clients to go away?
Erm, I can see a huge DoS hole waiting to happen to any protocol that
doesn't in turn implement some sort of authentication of the server. The
more protocols you allow to do this, the more potential for DoS of important
(possibly) client information.
Peter
