[63456] in North American Network Operators' Group
Re: Kiss-o'-death packets?
daemon@ATHENA.MIT.EDU (Sean Donelan)
Mon Oct 6 06:08:47 2003
Date: Mon, 6 Oct 2003 06:08:10 -0400 (EDT)
From: Sean Donelan <sean@donelan.com>
To: Peter Galbavy <peter.galbavy@knowtion.net>
Cc: Valdis.Kletnieks@vt.edu, <nanog@merit.edu>
In-Reply-To: <002901c38be9$72b37430$2f28a8c0@cblan.mblox.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Mon, 6 Oct 2003, Peter Galbavy wrote:
> Erm, I can see a huge DoS hole waiting to happen to any protocol that
> doesn't in turn implement some sort of authentication of the server. The
> more protocols you allow to do this, the more potential for DoS of important
> (possibly) client information.
Uhm, you are also aware that if the attacker can spoof the kiss-o'-death
packets; the same attacker could spoof all sorts of other packets
including the time protocol packets to change the clock on your computer.
