[124] in bugtraq
Re: udp packet storms
daemon@ATHENA.MIT.EDU (Marc Wilkinson)
Mon Oct 31 05:00:24 1994
From: marc@micromuse.co.uk (Marc Wilkinson)
Date: Mon, 31 Oct 1994 08:28:52 GMT
To: chowes@helix.net
Cc: bugtraq@fc.net
|> From bugtraq-owner@fc.net Sun Oct 30 19:10:47 1994
|> Date: Sun, 30 Oct 1994 04:07:27 -0800 (PST)
|> From: Charles Howes <chowes@helix.net>
|> To: Pat Myrto <rwing!pat@ole.cdac.com>
|> cc: Tim Newsham <newsham@zang.kcc.hawaii.edu>, bugtraq@fc.net
|> Subject: Re: udp packet storms
|> MIME-Version: 1.0
|>
|> On Sat, 29 Oct 1994, Pat Myrto wrote:
|>
|> <snip>
|>
|> > That's interesting - it amounts to a feedback loop (in electrical
|> > or audio terminology). Is there a way to interrupt this sort of
|> > thing (short of killing inetd or the involved daemon) or rebooting (a
|> > drastic method of doing the same thing)?
|> >
|> > How would one prevent this without disabling the udp services?
|>
|> Hmm; I wonder if it's possible to tell tcpd to rate-limit a particular
|> service?
|>
At One point IRIX, the SGi version of SYS Vr3, would shutdown the network
traffic for a period of time, if it the number of errors or packets received
in a time period was excessive.... thus stopping the SG becoming part of
a network storm.
Don't know of anything else that does allow rate limiting.
Cheers
Marc ? \!/ ?
(o o)
-------------------------------oOOo-(_)-oOOo-----------------------------------
Marc Wilkinson ._ BIAS Consultants Ltd.
+44 705 595276 o<o marc@bias.com
Network Systems Consultant Dorking, England
