Bugtraq mailing list archives
Re: Suspicion about denial of service attacks possible on IP.
From: jlewis () inorganic5 fdt net (Jon Lewis)
Date: Tue, 22 Oct 1996 08:49:10 -0400
On Mon, 21 Oct 1996, Henrik P Johnson wrote:
I was idly reading through Internetworking with TCP/IP yesterday when it hit me what might be a possible denial of service attack on IP stacks. What would happen if a host was bombarded with faked fragments of large IP packages. Would the stack allocate more and more memory trying to reconstruct the packages or do they operate with a fixed/max size limit on memory allocated for IP defragmentation?
This happened a few months ago to our IRC server. I don't remember if it was linux 1.2.x or 2.0.x at the time. The result was the system basically ran out of memory and became unusable for several minutes. Eventually, it did fully recover without a reboot. ------------------------------------------------------------------ Jon Lewis <jlewis () fdt net> | Unsolicited commercial e-mail will Network Administrator | be proof-read for $199/hr. ________Finger jlewis () inorganic5 fdt net for PGP public key_______
Current thread:
- Suspicion about denial of service attacks possible on IP. Henrik P Johnson (Oct 21)
- Re: Suspicion about denial of service attacks possible on IP. Warner Losh (Oct 22)
- Re: Suspicion about denial of service attacks possible on IP. Jon Lewis (Oct 22)
- Re: Suspicion denied Nathan Lawson (Oct 22)
- Re: Suspicion about denial of service attacks possible on IP. Darren Reed (Oct 22)
- <Possible follow-ups>
- Re: Suspicion about denial of service attacks possible on IP. J.R.Valverde (Oct 22)
- Re: Suspicion about denial of service attacks possible on IP. Keith Bostic (Oct 22)