Great Circle Associates Firewalls
(March 1993)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Should packets just be dropped...
From: Amos Shapira <amoss @ cs . huji . ac . il>
Date: Wed, 03 Mar 1993 10:52:11 +0200
To: firewalls @ GreatCircle . COM
In-reply-to: Your message of Tue, 2 Mar 93 18:18:47 CST . <9303030018 . AA10616 @ tadpole . tadpole . com>

In message <9303030018 .
 AA10616 @
 tadpole .
 tadpole .
 com> jim @
 tadpole .
 com
(Jim Thompson) write:
|Consider what happens if I forge my source address to be inside some
|network that I don't like, and I then flood you with datagrams that
|you bounce back to 'me', unknowingly causing router meltdown somewhere
|on the border of, or inside the network that I despise.

Isn't it possible today with trying to connect to invalid ports on any
host on the Internet?  As far as I understand it will have the same effect.

Also, to avoid flooding some protocols limit the number of responses they send
in every time interval,  like a packet a second.

|
|To make matters worse, I add some IP option (a source route) that adds
|to both your router's processing burden as well as the one on the unloved netw
|ork.

Again, what prevents you from doing it today without the suggested change?

|
|Jim

Cheers,

--Amos Shapira

CS System Group, Hebrew University, Jerusalem, Israel
amoss @
 cs .
 huji .
 ac .
 il



References:
Indexed By Date Previous: Re: Appletalk through firewalls.
From: johng @ weema . chi . uwa . edu . au (John Gibbins)
Next: Should packets just be dropped...
From: louis @ andataco . com
Indexed By Thread Previous: Re: Should packets just be dropped...
From: jim @ tadpole . com (Jim Thompson)
Next: tcpr ftp bug fix release 1.1.3
From: "G. Paul Ziemba" <paul @ alantec . com>

Google
 
Search Internet Search www.greatcircle.com