Re: denial of service attack possible

[fc () all net (Dr. Frederick B. Cohen)]

> [Denial of service possible by remote host putting multiple connections
> to a port into the SYN_RCVD state, thereby precluding further
> (legitimate) connection attempts.]

This is only the very beginning of this issue.  Virtually every server
around today runs code that has no timeouts on TCP connections.  Without
timeouts, the other person merely has to wait forever without responding
and your server will tie up without end.  Do it (5-1024) times and you
stuff the service.  This also works against most Proxies in firewalls,
many Internet gateway services, ISP-provided services, etc.

You may also run into the too-many services provided per minute limit,
run out of memory while two processes wait for each other to free up the
memory they need to finish their task, have open files not shareable
between two processes (thus causing a similar denial), and the list
rolls on.  As long as you're looking at one, you may as well look at the
whole suite pof problems that go along with it.

--
-> See: Info-Sec Heaven at URL http://all.net
Management Analytics - 216-686-0090 - PO Box 1480, Hudson, OH 44236