[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Why Linux, Why Debian

On Sat, Feb 21, 2004 at 11:28:40PM +1100, Russell Coker wrote:
> On Sat, 21 Feb 2004 19:39, Andrew Suffield <asuffield@debian.org> wrote:
> > No, chargen cannot form part of a DoS attack. Nothing which is
> > equivalent to or less effective than a UDP flood forms a meaningful
> > part of a DoS attack.
> There have been some DoS attacks based on a url of the form:
> http://localhost:19/whatever
> From memory they affected Netscape Navigator and IE, and some web proxy 
> software.
> Whether this is the fault of the application for not having some limit to 
> memory use is something that we can debate.  Chargen-TCP has been used as 
> part of a DoS attack, and turning it off will alleviate some things.

file:///dev/zero works too, or telling them to run :(){:&:};: in a
shell. That's not a DoS attack, that's a user-is-a-moron attack.

  .''`.  ** Debian GNU/Linux ** | Andrew Suffield
 : :' :  http://www.debian.org/ |
 `. `'                          |
   `-             -><-          |

Attachment: signature.asc
Description: Digital signature

Reply to: