Text request/response spanning - security issue?

To: iSCSI <ips@ece.cmu.edu>, Julian Satran <Julian_Satran@il.ibm.com>, "Mallikarjun C." <cbm@rose.hp.com>
Subject: Text request/response spanning - security issue?
From: Luben Tuikov <luben@splentec.com>
Date: Thu, 28 Mar 2002 19:12:47 -0500
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=us-ascii
Organization: Splentec Ltd.
Reply-To: Luben Tuikov <luben@splentec.com>, iSCSI <ips@ece.cmu.edu>
Sender: owner-ips@ece.cmu.edu

A key=value pair can span multiple Text Request/Response PDU's.

A rougue/badly implemented T/I can use this ``feature''
to completely drain the I/T resources and stall its
operation.

I.e. the node will keep the data and wait indefinitely until
0x00 in order to process the request. If 0x00 is never
received, the node will eventually run out of memory.

If such an implementation is in kernel space,
then after such an attack, the only solution
is the big red button.

-- 
Luben

Follow-Ups:
- Re: iSCSI: Text request/response spanning - security issue?
  - From: "Mallikarjun C." <cbm@rose.hp.com>

Prev by Date: Re: iSCSI: SRP status
Next by Date: Re: iSCSI: Text request/response spanning - security issue?
Prev by thread: RE: iscsi: CRN support not required. [was :Re: [Fwd: iSCSI: items discussed at WG meeting]]
Next by thread: Re: iSCSI: Text request/response spanning - security issue?
Index(es):
- Date
- Thread

Home

Last updated: Thu Apr 04 04:18:25 2002
9478 messages in chronological order