SORT BY:

LIST ORDER
THREAD
AUTHOR
SUBJECT


SEARCH

IPS HOME


    [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

    Re: Text request/response spanning - security issue?




    Luben,

    That is certainly an implementation issue and dropping the connection/session should not be that hard!
    There are many other ways in which a bad implementation can affect the partner resource utilization.

    Unfortunately we can't avoid having to span text over several PDus (we attempted this in the past) as the minimum PDU on which we reached consensus is very small (512).  During Login however you are better of as the default is 8k and a badly behaved partner can be detected earlier.

    Julo


    Luben Tuikov <luben@splentec.com>
    Sent by: owner-ips@ece.cmu.edu

    29-03-02 02:12
    Please respond to Luben Tuikov; Please respond to iSCSI

           
            To:        iSCSI <ips@ece.cmu.edu>, Julian Satran/Haifa/IBM@IBMIL, "Mallikarjun C." <cbm@rose.hp.com>
            cc:        
            Subject:        Text request/response spanning - security issue?

           


    A key=value pair can span multiple Text Request/Response PDU's.

    A rougue/badly implemented T/I can use this ``feature''
    to completely drain the I/T resources and stall its
    operation.

    I.e. the node will keep the data and wait indefinitely until
    0x00 in order to process the request. If 0x00 is never
    received, the node will eventually run out of memory.

    If such an implementation is in kernel space,
    then after such an attack, the only solution
    is the big red button.

    --
    Luben




Home

Last updated: Thu Apr 04 08:18:30 2002
9481 messages in chronological order