IDS mailing list archives

Sessions Resource Exhaustion

From: "Ravi Chunduru" <ravi.is.chunduru () gmail com>
Date: Thu, 11 Oct 2007 09:14:02 -0700

using simple tools such as hping2 and others, i am able to exhaust
session resources in some firewall and IPS devices. some firewalls and
IPS devices addressing small business market segments seems to be
supporting maximum of 10000 sessions.  these devices are not allowing
any new connections if all 10000 sessions are used up.

can i say that these devices are vulnerable to simple DoS attacks?

thanks
Ravi

------------------------------------------------------------------------
Test Your IDS

Is your IDS deployed correctly?
Find out quickly and easily by testing it 
with real-world attacks from CORE IMPACT.
Go to http://www.coresecurity.com/index.php5?module=Form&action=impact&campaign=intro_sfw 
to learn more.
------------------------------------------------------------------------

Current thread:

Sessions Resource Exhaustion Ravi Chunduru (Oct 12)
- Re: Sessions Resource Exhaustion Andrew Hay (Oct 12)
- Re: Sessions Resource Exhaustion H D Moore (Oct 12)
  - Re: Sessions Resource Exhaustion Ravi Chunduru (Oct 15)
    - Re: Sessions Resource Exhaustion Rahul K (Oct 16)
    - Re: Sessions Resource Exhaustion Ravi Chunduru (Oct 16)
    - Re: Sessions Resource Exhaustion Rahul K (Oct 16)
    - Re: Sessions Resource Exhaustion Control Zed (Oct 18)
- RE: Sessions Resource Exhaustion Nelson Brito (Oct 12)
  - Re: Sessions Resource Exhaustion K K (Oct 15)
    - RE: Sessions Resource Exhaustion Nelson Brito (Oct 15)

(Thread continues...)