[11269] in bugtraq

Re: Simple DOS attack on FW-1

daemon@ATHENA.MIT.EDU (Rogier Wolff)
Thu Aug 5 12:32:14 1999

Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-Id:  <199908040956.LAA00826@cave.BitWizard.nl>
Date:         Wed, 4 Aug 1999 11:56:24 +0200
Reply-To: Rogier Wolff <R.E.Wolff@BITWIZARD.NL>
From: Rogier Wolff <R.E.Wolff@BITWIZARD.NL>
X-To:         spitzner@DIMENSION.NET
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <Pine.GSO.4.02.9908010042210.9131-100000@dimension.net> from
              Lance Spitzner at "Aug 1, 99 00:46:08 am"

Lance Spitzner wrote:
> > Also, if they implemented a circular buffer where connections that had
> > been idle the longest were disconnected in favor of new connections their
> > scalability might increase some.
>
> Excellent recommendation, I'll pass it along to Check Point!

That means I can still DOS a site: If I send 500 packets a second, I
can wrap the connection table in 100 seconds. That means that the
idle-timer is reduced from an hour to less than two minutes.

The only solution is to only allow the longer timeout once BOTH sides
have sent a packet.

			Roger.

--
** R.E.Wolff@BitWizard.nl ** http://www.BitWizard.nl/ ** +31-15-2137555 **
*-- BitWizard writes Linux device drivers for any device you may have! --*
------ Microsoft SELLS you Windows, Linux GIVES you the whole house ------
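
Added example, not part of the original message: a small Python simulation of the connection table discussed above, comparing pure oldest-idle eviction with the rule that the long timeout applies only once both sides have sent a packet. The 50,000-entry capacity (500 packets/s times 100 s, implied by the message's arithmetic), the 60-second short timeout and all names are assumptions.

```python
from collections import OrderedDict

CAPACITY = 50_000     # assumption: 500 pkt/s * 100 s, implied by the message
LONG_TIMEOUT = 3600   # the one-hour idle timer from the message
SHORT_TIMEOUT = 60    # assumption: lifetime of an entry only one side has used

class ConnTable:
    def __init__(self, require_reply):
        self.require_reply = require_reply
        self.half_open = OrderedDict()    # key -> last_seen, oldest first
        self.established = OrderedDict()  # both sides seen (or policy disabled)

    def _expire(self, table, timeout, now):
        while table and now - next(iter(table.values())) >= timeout:
            table.popitem(last=False)

    def packet(self, key, now, is_reply=False):
        self._expire(self.half_open, SHORT_TIMEOUT, now)
        self._expire(self.established, LONG_TIMEOUT, now)
        if key in self.established:
            self.established[key] = now
            self.established.move_to_end(key)
            return True
        if key in self.half_open:
            del self.half_open[key]       # re-insert at the "newest" end
            target = self.established if is_reply else self.half_open
            target[key] = now
            return True
        if is_reply:
            return False                  # reply without state is dropped
        if len(self.half_open) + len(self.established) >= CAPACITY:
            if self.require_reply and not self.half_open:
                return False              # never evict a confirmed flow for an unconfirmed one
            (self.half_open or self.established).popitem(last=False)  # drop the idlest
        (self.half_open if self.require_reply else self.established)[key] = now
        return True

def idle_survival(require_reply, rate=500, seconds=120):
    """Seconds an idle, legitimate flow stays tracked while one-sided entries pour in."""
    table = ConnTable(require_reply)
    table.packet("legit", 0)
    table.packet("legit", 0, is_reply=True)
    for sec in range(1, seconds + 1):
        for i in range(rate):
            table.packet(("one-sided", sec, i), sec)   # constructed traffic, never answered
        if "legit" not in table.established:
            return sec
    return None   # still tracked when the simulation ended
```

`idle_survival(False)` models the circular-buffer eviction alone; `idle_survival(True)` models the two-sided rule, where unanswered entries age out on the short timer and are the only ones evicted under pressure.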
