Re: Why Linux, Why Debian
On Sun, 22 Feb 2004 00:19, Andrew Suffield <asuffield@debian.org> wrote:
> > There have been some DoS attacks based on a url of the form:
> > http://localhost:19/whatever
> >
> > From memory they affected Netscape Navigator and IE, and some web proxy
> > software.
> >
> > Whether this is the fault of the application for not having some limit to
> > memory use is something that we can debate. Chargen-TCP has been used as
> > part of a DoS attack, and turning it off will alleviate some things.
>
> file:///dev/zero works too, or telling them to run :(){:&:};: in a
> shell. That's not a DoS attack, that's a user-is-a-moron attack.

If the user has to type in the URL with :19 then it means it's a "user is a
newbie" attack, we can't expect everyone to know the meaning of :19 (I had to
look it up to write the previous message as I couldn't remember it).

"localhost" can be replaced by any DNS name that has an A record of 127.0.0.1.
Such a URL could be included in a frame where the user would be unable to see
it before it gets loaded.

You might say "if the user clicks on something in their web browser and
nothing happens but the hard disk light stays on they are a moron if they
don't click the stop button". But even that relies on a moderate amount of
computer knowledge.

You are correct that a file:///dev/zero URL works too (in the latest version
of Mozilla it results in /dev/zero being copied to /tmp/something until all
disk space is full). This however is something that should be fixed in
Mozilla.

--
http://www.coker.com.au/selinux/ My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/ My home page
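
The client-side check this message argues for, as an added example that is not part of the original post and not Mozilla's code: it refuses the chargen port, decides on the resolved address rather than the hostname, and refuses file: URLs that are not regular files. The function name, the blocked-port list, the policy of denying loopback for embedded URLs, and the sample DNS records are assumptions made for illustration.

```python
import ipaddress
import os
import stat
from urllib.parse import urlsplit

# Legacy services that stream or echo data; 19 (chargen) is the port in the thread.
BLOCKED_PORTS = {7: "echo", 9: "discard", 19: "chargen"}

# Constructed DNS data so the example runs offline (not real records).
SAMPLE_DNS = {
    "localhost": ["127.0.0.1"],
    "loop.example.test": ["127.0.0.1"],  # ordinary-looking name, loopback A record
    "www.example.test": ["192.0.2.10"],
}

def sample_resolve(host):
    return SAMPLE_DNS.get(host, [])

def check_embedded_url(url, resolve=sample_resolve):
    """Return (allowed, reason) for a URL referenced by a remotely served page."""
    parts = urlsplit(url)
    if parts.scheme == "file":
        # Character devices such as /dev/zero never reach end-of-file.
        try:
            mode = os.stat(parts.path).st_mode
        except OSError:
            return False, "file path cannot be inspected"
        if not stat.S_ISREG(mode):
            return False, "not a regular file"
        return True, "ok"
    if parts.scheme not in ("http", "https"):
        return False, "unsupported scheme"
    try:
        port = parts.port or (443 if parts.scheme == "https" else 80)
    except ValueError:
        return False, "invalid port"
    if port in BLOCKED_PORTS:
        return False, f"blocked port {port} ({BLOCKED_PORTS[port]})"
    addrs = resolve(parts.hostname or "")
    if not addrs:
        return False, "host does not resolve"
    # Decide on the resolved address, never on the spelling of the hostname.
    for addr in addrs:
        if ipaddress.ip_address(addr).is_loopback:
            return False, f"{parts.hostname} resolves to loopback {addr}"
    return True, "ok"

if __name__ == "__main__":
    for u in ("http://localhost:19/whatever", "http://loop.example.test/frame",
              "http://www.example.test/", "file:///dev/zero"):
        print(u, check_embedded_url(u))
```

The connection has to be made to the same address that was checked, otherwise a second DNS answer can differ from the one that passed.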