[3123] in bugtraq
Re: mail storm
daemon@ATHENA.MIT.EDU (Albert Lunde)
Tue Aug 13 02:29:25 1996
Date: Mon, 12 Aug 1996 22:55:38 -0500
Reply-To: Albert Lunde <Albert-Lunde@nwu.edu>
From: Albert Lunde <Albert-Lunde@nwu.edu>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <320FD2CB.35CF@hydra.acs.uci.edu> from "Dan Stromberg" at Aug 12, 96 05:56:43 pm

> Imagine a hacker really doesn't like someone, and is willing to do
> something disruptive to a lot of other people to spite that one person.
> Or imagine that they just want to do something very disruptive.
>
> Imagine the hacker picks 2n mailing lists, subscribing the i'th to the

I've seen this played out on a smaller scale on several lists,
when a bogus auto-reply program, or an exceptionally dumb person,
replied to the list to every message, including a copy of the
previous message in each reply.

This resulted in an exponential growth, though perhaps at a slower
rate than the scheme you outline.

It did put the list in question out of production for up to several days,
till a list admin had time to notice and fix it.

In practice, there did seem in every case to be some (annoyingly large)
maximum volume per hour beyond which the lists would not run, so
exponential growth only went till saturation was reached. But
I suppose the combination of several out-of-control lists
could bombard one mailbox much faster.

I don't think it is more dangerous than an assortment of other denial
of service attacks, but this doesn't mean we are "safe".