Date: Thu, 9 Sep 1999 23:56:57 +1000 (EST) From: Darren Reed <avalon@coombs.anu.edu.au> To: kpielorz@tdx.co.uk (Karl Pielorz) Cc: avalon@coombs.anu.edu.au, stas@sonet.crimea.ua, freebsd-hackers@FreeBSD.ORG, freebsd-security@FreeBSD.ORG Subject: Re: mbuf shortage situations Message-ID: <199909091356.XAA05823@cheops.anu.edu.au> In-Reply-To: <37D7B90D.B252B4E6@tdx.co.uk> from "Karl Pielorz" at Sep 9, 99 02:41:33 pm
next in thread | previous in thread | raw e-mail | index | archive | help
In some mail from Karl Pielorz, sie said: > > Darren Reed wrote: > > > > It is evil connection. Good applications do read data from their sockets, > > > and evil ones do not. And ever if it is good, but silly or busy > > > application, good clients do not send so much data that application > > > can not process it. Am I wrong, there are any examples? > > > > So what if someone manages to crash a program due to a DOS attack ? > > An easy one that comes to mind is syslogd. It's often stuck in disk-wait > > and can easily be targetted with a large number of packets. > > Isn't syslog UDP? - i.e. no ACK? - you could argue (to a point) that this > might even be by design? :) (with regard to if syslog is in diskwait, and over > burdened with traffic, data gets dropped). This, could be construed as a DoS > (in fact it probably is)... sorry, syslogd doesn't suffer from the same problems that klogd on lamix does (i.e its all datagrams). my mistake. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199909091356.XAA05823>