[openbeosnetteam] Re: what about attacks?

Well, if you want to start on a TCP module please feel free! We don't even
have one started yet, so this is probably a bit early. Good thought though.

david

----- Original Message -----
From: "Kobi Lurie" <k_lurie@xxxxxxxxxxxxxx>
To: <openbeosnetteam@xxxxxxxxxxxxx>
Sent: Saturday, March 16, 2002 2:33 PM
Subject: [openbeosnetteam] Re: what about attacks?


> 16/03/2002 12:57:02, "Bruno G. Albuquerque" <bga@xxxxxxxxxxxxx> wrote:
>
> >Truth is, there is no way to do that. If the attacker has a large
> >enough pipe (or a large number of small connections adding up) they may
> >not take your machine down, but they can everload your link and you
> >won't be getting any real requests anyway. Also even if you're doing
> >packet filtering on your machine he machine still has to process each
> >packet that arrives to see if it is to be discarded or not so, again, a
> >large number of packages can get your machine to its knees.
> >
>
> check this out: (summary of most attacks)
>
http://groups.google.com/groups?q=denial+of+service+beos&hl=en&lr=lang_en|la
ng_iw&ie=ISO-8859-8-I&oe=ISO-
> 8859-8-I&selm=uvbaet0qr06bbc23a64t6sc6kdbh73gdn9%404ax.com&rnum=1
>
> a simple search on google.
>
> BeOS R5 is right now vulnerable to all these attacks, so i'm asking for
atleast jolt2 (from the post above) and other tcp
> related attacks to be taken care of, or maybe QA before releases to check
with a tool like nessus or similar so the
> known attacks are taken care of.
> a design and some thinking about stability might lead to a better
approach.
>
>
>
>

Other related posts: