[3551] in bugtraq
Re: Suspicion denied
daemon@ATHENA.MIT.EDU (Nathan Lawson)
Tue Oct 22 18:10:42 1996
Date: Tue, 22 Oct 1996 07:47:09 -0700
Reply-To: Nathan Lawson <nlawson@kdat.csc.calpoly.edu>
From: Nathan Lawson <nlawson@kdat.csc.calpoly.edu>
X-To: hpj@one.se
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <Pine.HPP.3.95.961021181919.1137F-100000@tide.one.se> from
"Henrik P Johnson" at Oct 21, 96 06:22:28 pm
Henrik said:
> I was idly reading through Internetworking with TCP/IP yesterday when it
> hit me what might be a possible denial of service attack on IP stacks. What
> would happen if a host was bombarded with faked fragments of large IP
> packages. Would
> the stack allocate more and more memory trying to reconstruct the packages or
> do they operate with a fixed/max size limit on memory allocated for IP
> defragmentation?
No. At the very least, ip_drain() is called when the kernel needs more memory
and its first task is to drop all fragments.
General request: Please desist with the silly ping ramblings.
--
Nate Lawson "There are a thousand hacking at the branches of
CPE Senior evil to one who is striking at the root."
CSL Admin -- Henry David Thoreau, 'Walden', 1854
