Re: Text request/response spanning - security issue?

Luben,

That is certainly an implementation issue and dropping the connection/session should not be that hard! There are many other ways in which a bad implementation can affect the partner resource utilization.

Unfortunately we can't avoid having to span text over several PDUs (we attempted this in the past) as the minimum PDU on which we reached consensus is very small (512). During Login however you are better off as the default is 8k and a badly behaved partner can be detected earlier.

Julo
A key=value pair can span multiple Text Request/Response PDUs. A rogue/badly implemented T/I can use this ``feature'' to completely drain the I/T resources and stall its operation. I.e. the node will keep the data and wait indefinitely until 0x00 in order to process the request. If 0x00 is never received, the node will eventually run out of memory.

If such an implementation is in kernel space, then after such an attack, the only solution is the big red button.

-- Luben
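One way a receiver can bound the buffering discussed in this thread and drop the session instead of waiting indefinitely for 0x00. This is an added example, not code from the thread or from any iSCSI implementation; `kv_accum`, `kv_feed`, `kv_reset` and both limits are hypothetical names and assumed values.

```c
#include <stddef.h>

/* Assumed receiver policy, not values taken from the thread or a spec. */
#define KV_MAX_BYTES 8192   /* most bytes buffered for one key=value pair */
#define KV_MAX_PDUS  32     /* most Text PDUs one pair may span */

enum kv_status { KV_NEED_MORE, KV_COMPLETE, KV_DROP_SESSION };

struct kv_accum {
    char     buf[KV_MAX_BYTES]; /* fixed size: memory use cannot grow */
    size_t   len;               /* bytes held for the pair in progress */
    unsigned pdus;              /* PDUs consumed by the pair in progress */
};

static void kv_reset(struct kv_accum *a) { a->len = 0; a->pdus = 0; }

/*
 * Feed the data segment of one Text PDU.
 * KV_COMPLETE: no partial pair is pending; *pairs_done was advanced.
 * KV_NEED_MORE: a pair is still waiting for its 0x00 terminator.
 * KV_DROP_SESSION: the partner exceeded a limit; stop buffering and
 * tear down the connection/session.
 */
static enum kv_status kv_feed(struct kv_accum *a, const unsigned char *seg,
                              size_t n, unsigned *pairs_done)
{
    for (size_t i = 0; i < n; i++) {
        if (seg[i] == 0x00) {           /* terminator ends the pair */
            if (a->len > 0)
                (*pairs_done)++;        /* a real receiver parses a->buf here */
            kv_reset(a);
            continue;
        }
        if (a->len >= KV_MAX_BYTES)     /* unterminated pair is too long */
            return KV_DROP_SESSION;
        a->buf[a->len++] = (char)seg[i];
    }
    if (a->len == 0)
        return KV_COMPLETE;
    if (++a->pdus > KV_MAX_PDUS)        /* pair trickled over too many PDUs */
        return KV_DROP_SESSION;
    return KV_NEED_MORE;
}
```

With 512-byte data segments that never carry a terminator, the byte limit trips on the 17th PDU; the PDU-count limit catches a partner that sends the pair a few bytes at a time.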
Last updated: Thu Apr 04 08:18:30 2002