Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Re: The "Mac DoS Attack," a Scheme for Blocking Internet Connections
From: alan () LXORGUK UKUU ORG UK (Alan Cox)
Date: Thu, 30 Dec 1999 02:45:14 +0000


The Internet Service Providers (ISPs) must take action to drop long ICMP
packets in the backbone networks (any packet longer than 1499 bytes, at
least).


This will break existing "good behaviour" legal systems and potentially
disrupt MTU discovery proceedure. It isnt a feasible option without a lot
of additional checks to the packet type etc, at which point with many routers
the firewall rules involved turn into a performance based DoS on the core
routers.

Alan

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]