Vulnerability Development
mailing list archives
Sonicwall DoS
From: Leon Rosenstein <l_rosenstein () MONTELSHOW COM>
Date: Mon, 28 Aug 2000 10:44:06 -0400
Hey everyone, first-time poster, long-time lurker. Not sure if this qualifies
as a vulnerability or even if it will make the list; however, in the
Sonicwall SoHo there is a limitation on the number of connections that one
can open. This sets up a denial of service scenario if one can surpass
the limit. A denial of service condition exists if someone opens up more
than 2048 connections. When this limit is surpassed, the cache will
overflow and it will begin to drop internal connections. A simple way to
recreate this is to run a TCP port scan on a host on the WAN. When you
open up more than 2048 connections it will begin to complain via the log:
08/28/2000 10:18:46.368 - The cache is full; over 2048 simultaneous
connections; some will be dropped - Source:10.1.1.6, 2119, LAN -
Destination:xxx.xx.xx.xxx, WaN
At this point all future connections will have a much lower chance of
getting through, as the port scanner saturates all remaining available
connections.
Again, I am not sure if I even posted this right or adhered to any posting
protocol. Anyone who has any suggestions or comments, please feel free to
reach me via e-mail.
Thx,
Leon Rosenstein
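The log line quoted in the post is the only signal the Sonicwall SoHo gives that its connection cache is saturated, so it is worth parsing. What follows is an added example, not code from the original post and not any SonicWALL tooling: a small Python parser for that log format plus a detection routine that keeps only the "cache is full" events and groups them by source IP, so the host tripping the limit from many ephemeral ports (the port scanner in the scenario above) stands out from a busy but legitimate host. The sample log text is constructed for this example (only 10.1.1.6 comes from the post; the other addresses are documentation ranges), and the regular expression, the `LogEvent` field names and the `min_distinct_ports` threshold are assumptions made here.

```python
import re
from dataclasses import dataclass
from datetime import datetime

# Constructed sample log, in the format of the line quoted in the post.
# 10.1.1.6 is the source from the post; the other addresses are made up
# (RFC 5737 documentation ranges) for this example.
SAMPLE_LOG = """\
08/28/2000 10:18:40.101 - The cache is full; over 2048 simultaneous connections; some will be dropped - Source:10.1.1.6, 2100, LAN - Destination:192.0.2.10, WAN
08/28/2000 10:18:42.220 - The cache is full; over 2048 simultaneous connections; some will be dropped - Source:10.1.1.6, 2105, LAN - Destination:192.0.2.10, WAN
08/28/2000 10:18:46.368 - The cache is full; over 2048 simultaneous connections; some will be dropped - Source:10.1.1.6, 2119, LAN - Destination:192.0.2.10, WAN
08/28/2000 10:18:47.003 - The cache is full; over 2048 simultaneous connections; some will be dropped - Source:10.1.1.9, 1027, LAN - Destination:198.51.100.5, WAN
"""

# Prefix of the message text that signals the 2048-connection limit was hit.
CACHE_FULL_MARKER = "The cache is full"

# Assumed structure: "<timestamp> - <message> - Source:<ip>, <port>, <zone> - Destination:<ip>, <zone>"
LOG_RE = re.compile(
    r"^(?P<ts>\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) - "
    r"(?P<msg>.*?) - "
    r"Source:(?P<src_ip>[^,]+), (?P<src_port>\d+), (?P<src_zone>\w+) - "
    r"Destination:(?P<dst_ip>[^,]+), (?P<dst_zone>\w+)$"
)


@dataclass
class LogEvent:
    ts: datetime
    msg: str
    src_ip: str
    src_port: int
    src_zone: str
    dst_ip: str
    dst_zone: str


def parse_line(line):
    """Parse one firewall log line; return None for lines that do not match."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    return LogEvent(
        ts=datetime.strptime(m["ts"], "%m/%d/%Y %H:%M:%S.%f"),
        msg=m["msg"],
        src_ip=m["src_ip"],
        src_port=int(m["src_port"]),
        src_zone=m["src_zone"],
        dst_ip=m["dst_ip"],
        dst_zone=m["dst_zone"],
    )


def cache_full_events(log_text):
    """Return only the parsed events that report the connection cache as full."""
    events = []
    for line in log_text.splitlines():
        ev = parse_line(line)
        if ev is not None and ev.msg.startswith(CACHE_FULL_MARKER):
            events.append(ev)
    return events


def suspected_scanners(events, min_distinct_ports=2):
    """Group cache-full events by source IP and report sources that trip the
    limit from at least min_distinct_ports different ephemeral ports.
    A scanner walks through many source ports in a short span; a single
    legitimate host usually shows up once. Sorted busiest first."""
    by_src = {}
    for ev in events:
        rec = by_src.setdefault(ev.src_ip, {
            "src_ip": ev.src_ip, "zone": ev.src_zone, "events": 0,
            "ports": set(), "first": ev.ts, "last": ev.ts,
        })
        rec["events"] += 1
        rec["ports"].add(ev.src_port)
        rec["first"] = min(rec["first"], ev.ts)
        rec["last"] = max(rec["last"], ev.ts)

    report = []
    for rec in by_src.values():
        if len(rec["ports"]) >= min_distinct_ports:
            report.append({
                "src_ip": rec["src_ip"],
                "zone": rec["zone"],
                "events": rec["events"],
                "distinct_ports": len(rec["ports"]),
                "span_seconds": (rec["last"] - rec["first"]).total_seconds(),
            })
    report.sort(key=lambda r: (r["events"], r["distinct_ports"]), reverse=True)
    return report


if __name__ == "__main__":
    for row in suspected_scanners(cache_full_events(SAMPLE_LOG)):
        print(row)
```

On the constructed sample this reports 10.1.1.6 (three events from three ports within about six seconds) and ignores 10.1.1.9, which appears only once. Lowering `min_distinct_ports` to 1 lists every source that ever tripped the limit, which is the right setting when you only want to know the cache filled at all rather than who filled it.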