Date: Fri, 21 Jan 2000 16:14:44 -0600 From: "Bob Madden" <bobm@atgsystems.com> To: "FreeBSD-Security" <freebsd-security@FreeBSD.ORG> Subject: Re: Some observations on stream.c and streamnt.c Message-ID: <038801bf645c$ed6d5f00$01000000@madman>
next in thread | raw e-mail | index | archive | help
-----Original Message----- From: Brett Glass <brett@lariat.org> >Not just that. I suspect that it runs out of buffers >because it's queueing up RST packets and ICMP packets. And >discarding important incoming packets in the process. >(Which is another thing you'll see in a test: the more >INPUT the server needs to accept, the more it will be >affected.) I believe this to be true. Realize that in a real world attack, the attack most likely originates from more than one source AND it continues for a good hour or so or however long it takes to crash the box. But it DOES crash the box. My experience is with FreeBSD, but as has been suggested/demonstrated it has similar effects on other platforms. Bob Madden >,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,< --This Message Composed By: Bob Madden -- bobm@ATGSYSTEMS.COM Sys Admin /Network Engineer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?038801bf645c$ed6d5f00$01000000>