[21926] in bugtraq
Re: UDP packet handling weird behaviour of various operating systems
daemon@ATHENA.MIT.EDU (Niels Bakker)
Fri Jul 27 12:07:52 2001
Date: Fri, 27 Jul 2001 12:21:12 +0200
From: Niels Bakker <niels=bugtraq@bakker.net>
To: Stefan Laudat <stefan@mail.allianztiriac.ro>
Cc: Michal Zalewski <lcamtuf@gis.net>, bugtraq@securityfocus.com
Message-ID: <20010727122112.I520@trance.org>
Mail-Followup-To: Niels Bakker <niels=bugtraq@bakker.net>,
Stefan Laudat <stefan@mail.allianztiriac.ro>,
Michal Zalewski <lcamtuf@gis.net>, bugtraq@securityfocus.com
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20010726014804.B31276@allianztiriac.ro>; from stefan@mail.allianztiriac.ro on Thu, Jul 26, 2001 at 01:48:04AM +0300
* stefan@mail.allianztiriac.ro (Stefan Laudat) [Fri 27 Jul 2001, 00:10 CEST]:
> I have managed to kill a 7513 Cisco Router with DCEF enabled and loads of
> other speed hacks. Try it for yourself :)
This is documented behaviour for cisco routers. Packets addressed to
the box itself are always process switched. The limit in a 7500 series
router then becomes the RSP, not the CyBus bandwidth or amount of memory
on the VIP2 cards. Taking cpu cycles away from the RSP will make the
box fall over. Just don't let packets near your network if this is
unacceptable behaviour for you.
ObPlug: HAL2001 <URL:http://www.hal2001.org/> will host a dDoS discussion
panel. As a possible title "dDoS: You ain't seen nothin' yet" was coined...
Regards,
-- Niels.
--
"IP assumes non-hostile, non-lazy, and non-clueless nodes." -- Mark Mentovai
