[Top] [All Lists]

Re: Abort data transfer?

2009-10-21 14:56:01

John R Levine wrote:

I guess the thing is that it COULD be used as a DoS attack -

There's lots of things COULD be used as an attack. The fact that it's never happened in 30 years suggest this is not one worth worrying about.

Unfortunately, that same attitude was applied to accept/bounce attacks. Small or rare enough that operators can handle it by hand.

That is until 18-20 or so years later when the 2003 SORBIG dual blitz offense accept/bounce attacks woke up the industry in 2003.

Just consider that if a hacker is reading this list, he is finding out pretty quickly that many systems are vulnerable to this form of very large or never ending DATA payload attacks. Systems that not prepare for it and don't have people available to handle it "by hand" will be shutdown.

So even if is rare, it does not mean it should be ignored.


Hector Santos

<Prev in Thread] Current Thread [Next in Thread>