Date: Sat, 22 Jan 2000 00:22:11 +0100 From: Poul-Henning Kamp <phk@critter.freebsd.dk> To: Matthew Dillon <dillon@apollo.backplane.com> Cc: Alfred Perlstein <bright@wintelcom.net>, Brett Glass <brett@lariat.org>, security@FreeBSD.ORG Subject: Re: stream.c worst-case kernel paths Message-ID: <7192.948496931@critter.freebsd.dk> In-Reply-To: Your message of "Fri, 21 Jan 2000 15:11:06 PST." <200001212311.PAA64559@apollo.backplane.com>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <200001212311.PAA64559@apollo.backplane.com>, Matthew Dillon writes: > No, this is far too dangerous. If a packet is bad due to being > corrupted then you want to throw it away (via the checksum check) > *BEFORE* you start messing around with the socket state. Otherwise > a perfectly legitimate packet that got corrupted in transit may > cause a disconnect or other failure. It makes a lot of sense to do cheap (relative to the checksum) checks on the packet before we do the checksum, as long as we don't modify any state before the checksum is validated. If it is cheaper to try to locate the pcb, than to calculate the checksum, the locate the pcb first and drop the packet before doing the checksum. People who have run batch systems will tell you that you run the shortest job first because it improves your average service time a lot. We're trying to do the same thing here. The general fix for this entire class of DoS attacks is therefore the same thing: Toss out the packet as soon as possible, and as cheaply as possible. That doesn't mean that we wont also need some kind of rate-limiting in the output (RST) path to survive. -- Poul-Henning Kamp FreeBSD coreteam member phk@FreeBSD.ORG "Real hackers run -current on their laptop." FreeBSD -- It will take a long time before progress goes too far! To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?7192.948496931>