[18227] in bugtraq
Re: updated Bindview NAPTHA advisory
daemon@ATHENA.MIT.EDU (stanislav shalunov)
Wed Dec 20 16:50:52 2000
Message-Id: <87snnkdqlg.fsf@cain.internet2.edu>
Date: Tue, 19 Dec 2000 16:54:35 -0500
Reply-To: shalunov@INTERNET2.EDU
From: stanislav shalunov <shalunov@INTERNET2.EDU>
X-To: Bob Keyes <bkeyes@MAIL.BOS.BINDVIEW.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <Pine.BSF.4.05.10012181702340.92068-100000@mail.bos.bindview.com>

My earlier messages to BUGTRAQ (by the way, you reference them with a
misslepping of my name) present an attack that involves exhaustion of
resources by creation of a large number of TCP streams and leaving them
in an interesting state.

http://www.deja.com/getdoc.xp?AN=614271756&fmt=text
http://www.deja.com/getdoc.xp?AN=615140242&fmt=text

The way you do it, as far as I could understand, it can be more easily
countered by increasing the amount of memory for networking and the sizes
of various tables.

Essentially, your method only consumes a TCB, plus maybe some tiny
amount of space per connection, while it's possible to consume tens of
kilobytes of kernel memory per connection, and tie up tens of
megabytes of non-pageable kernel memory from a dialup connection.

Additionally, a tool was provided for experimenting.

--
Stanislav Shalunov <shalunov@internet2.edu> Internet Engineer, Internet2
Beware of Programmers who carry screwdrivers. -- Leonard Brandwein