|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: iSCSI: ping data sizeGlen, A DoS attack can use several other mechanisms too (not only NOPs). And it can be avoided by just having the target of the attack dropping the connection with an initiator that issues excessive amount of NOPs with data and limiting the allowed ping size. Julo
Julian Satran wrote: > > The originator may be trying to measure something. Allowing the > responder to twart the answer would be counterproductive. As pointed out before, this allows a denial of service attack on public iSCSI servers (such as CD-ROM stackers in libraries) -- Glen Turner Network Engineer (08) 8303 3936 Australian Academic and Research Network glen.turner@aarnet.edu.au http://www.aarnet.edu.au/ -- The revolution will not be televised, it will be digitised
Home Last updated: Tue Aug 20 02:19:03 2002 11649 messages in chronological order |