Re: Why Linux, Why Debian

To: Andrew Suffield <asuffield@debian.org>, debian-devel@lists.debian.org
Subject: Re: Why Linux, Why Debian
From: Russell Coker <russell@coker.com.au>
Date: Sat, 21 Feb 2004 23:28:40 +1100
Message-id: <[🔎] 200402212328.40146.russell@coker.com.au>
Reply-to: russell@coker.com.au
In-reply-to: <[🔎] 20040221083949.GA9406@suffields.me.uk>
References: <[🔎] 20040215105222.GA8488@dat.etsit.upm.es> <[🔎] 20040220223045.18858.qmail@oak.oeko.net> <[🔎] 20040221083949.GA9406@suffields.me.uk>

On Sat, 21 Feb 2004 19:39, Andrew Suffield <asuffield@debian.org> wrote:
> No, chargen cannot form part of a DoS attack. Nothing which is
> equivalent to or less effective than a UDP flood forms a meaningful
> part of a DoS attack.

There have been some DoS attacks based on a url of the form:
http://localhost:19/whatever

From memory they affected Netscape Navigator and IE, and some web proxy 
software.

Whether this is the fault of the application for not having some limit to 
memory use is something that we can debate.  Chargen-TCP has been used as 
part of a DoS attack, and turning it off will alleviate some things.

Chargen-UDP is just a bad idea.

-- 
http://www.coker.com.au/selinux/   My NSA Security Enhanced Linux packages
http://www.coker.com.au/bonnie++/  Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/    Postal SMTP/POP benchmark
http://www.coker.com.au/~russell/  My home page

Reply to:

Follow-Ups:
- Re: Why Linux, Why Debian
  - From: Andrew Suffield <asuffield@debian.org>

References:
- Re: Why Linux, Why Debian
  - From: Javier Fernández-Sanguino Peña <jfs@computer.org>
- Re: Why Linux, Why Debian
  - From: Toni Mueller <toni@debian.org>
- Re: Why Linux, Why Debian
  - From: Andrew Suffield <asuffield@debian.org>

Prev by Date: Don't understand build failure
Next by Date: Re: Why Linux, Why Debian
Previous by thread: Re: Why Linux, Why Debian
Next by thread: Re: Why Linux, Why Debian
Index(es):
- Date
- Thread