Interesting People mailing list archives
Flawed Routers Flood University of Wisconsin Internet Time Server
From: Dave Farber <dave () farber net>
Date: Fri, 29 Aug 2003 14:49:02 -0400
Date: Fri, 29 Aug 2003 13:54:02 -0400 From: Tom Goltz <tgoltz () QuietSoftware com> Subject: Flawed Routers Flood University of Wisconsin Internet Time Server X-Sender: tgoltz () mail quietsoftware com To: dave () farber netDave - I think this would be an excellent item for distribution to the IP list - very important reading for anyone implementing network software or devices that will be using network services provided by a third party. (To give credit where it's due, I found a link to this on Phil Kaplan's profanely-named web site.)Flawed Routers Flood University of Wisconsin Internet Time Server Netgear Cooperating with University on a ResolutionDave Plonka, August 21, 2003 - <http://www.wisc.edu>University of Wisconsin-Madisonupdated $Date: 2003/08/27 18:42:42 $ plonka at doit dot wisc dot edu ABSTRACTIn May 2003, the University of Wisconsin - Madison found that it was the recipient of a continuous large scale flood of inbound Internet traffic destined for one of the campus' public Network Time Protocol (NTP) servers. The flood traffic rate was hundreds-of-thousands of packets-per-second, and hundreds of megabits-per-second.Subsequently, we have determined the sources of this flooding to be literally hundreds of thousands of real Internet hosts throughout the world. However, rather than having originated as a malicious distributed denial-of-service (DDoS) attack, the root cause is actually a serious flaw in the design of hundreds of thousands of one vendor's low-cost Internet products targeted for residential use. The unexpected behavior of these products presents a significant operational problem for UW-Madison for years to come.This document includes the initial public disclosure of details of these products' serious design flaw. Furthermore, it discusses our ongoing, multifaceted approach toward the solution which involves the University, the products' manufacturer, the relevant Internet standards (RFCs), and the public Internet service and user communities.http://www.cs.wisc.edu/~plonka/netgear-sntp/
------------------------------------- You are subscribed as interesting-people () lists elistx com To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- Flawed Routers Flood University of Wisconsin Internet Time Server Dave Farber (Aug 29)