Date: Mon, 22 Mar 1999 09:46:04 -0700 (MST) From: "David G. Andersen" <danderse@cs.utah.edu> To: Erwan Arzur <erwan@netvalue.fr> Cc: security@FreeBSD.ORG Subject: Re: natd + nmap ? Message-ID: <14070.29563.424538.218011@torrey.cs.utah.edu> In-Reply-To: Erwan Arzur's message of Mon, March 22 1999 <36F66F86.88FA36E3@netvalue.fr> References: <36F66F86.88FA36E3@netvalue.fr>
next in thread | previous in thread | raw e-mail | index | archive | help
I assume this was scanning from *inside* the natd gateway to the
outside world? That's not too surprising, though the drop behavior
you suggest would be better.
-Dave
Lo and Behold, Erwan Arzur said:
> I just tried to scan a FreeBDS3.0 w/ natd, and it appears that using the
> -sU flag with nmap seems to completely lock natd at 100% cpu. Thus,
> there is no way to send any packet in or out of the gateway.
>
> I am right assuming this is a kind of DOS attack ? Is there any way to
> prevent this kind of thing to happen, like an option to natd to make it
> drop incoming packets when reaching a given load ?
--
work: danderse@cs.utah.edu me: angio@pobox.com
University of Utah http://www.angio.net/
Computer Science - Flux Research Group "What's footnote FIVE?"
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?14070.29563.424538.218011>