|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: iSCSI: Text request/response spanning - security issue?Luben, > A rougue/badly implemented T/I can use this ``feature'' > to completely drain the I/T resources and stall its > operation. I assume you are describing a DoS attack on an iSCSI peer - it isn't exactly limited only to this feature, there are several other ways - not sending a Login Request at all after the TCP connection establishment, not setting the F-bit/T-bit etc. will all result in this problem. The expectation is that implementations will set the right timeouts to detect and get out of these conditions. The state transitions (chapter 5) allow these timeouts as legal events that could cause a Login failure. Also take a look at section 6.8, which deals with timeouts in text negotiations. -- Mallikarjun Mallikarjun Chadalapaka Networked Storage Architecture Network Storage Solutions Organization Hewlett-Packard MS 5668 Roseville CA 95747 cbm@rose.hp.com ----- Original Message ----- From: "Luben Tuikov" <luben@splentec.com> To: "iSCSI" <ips@ece.cmu.edu>; "Julian Satran" <Julian_Satran@il.ibm.com>; "Mallikarjun C." <cbm@rose.hp.com> Sent: Thursday, March 28, 2002 4:12 PM Subject: Text request/response spanning - security issue? > A key=value pair can span multiple Text Request/Response PDU's. > > A rougue/badly implemented T/I can use this ``feature'' > to completely drain the I/T resources and stall its > operation. > > I.e. the node will keep the data and wait indefinitely until > 0x00 in order to process the request. If 0x00 is never > received, the node will eventually run out of memory. > > If such an implementation is in kernel space, > then after such an attack, the only solution > is the big red button. > > -- > Luben >
Home Last updated: Thu Mar 28 21:18:18 2002 9372 messages in chronological order |