Re: Suspicion denied

nlawsonkdat.csc.calpoly.edu

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Darren Reed: "Re: Suspicion about denial of service attacks possible on IP."
• Previous message: Keith Bostic: "Re: Suspicion about denial of service attacks possible on IP."
• In reply to: Henrik P Johnson: "Suspicion about denial of service attacks possible on IP."
• Next in thread: Darren Reed: "Re: Suspicion about denial of service attacks possible on IP."

Henrik said:
> I was idly reading through Internetworking with TCP/IP yesterday when it
> hit me what might be a possible denial of service attack on IP stacks. What
> would happen if a host was bombarded with faked fragments of large IP
> packages. Would
> the stack allocate more and more memory trying to reconstruct the packages or
> do they operate with a fixed/max size limit on memory allocated for IP
> defragmentation?

No.  At the very least, ip_drain() is called when the kernel needs more memory
and its first task is to drop all fragments.

General request:  Please desist with the silly ping ramblings.

--
Nate Lawson                  "There are a thousand hacking at the branches of
CPE Senior                    evil to one who is striking at the root."
CSL Admin                              -- Henry David Thoreau, 'Walden', 1854

• Next message: Darren Reed: "Re: Suspicion about denial of service attacks possible on IP."
• Previous message: Keith Bostic: "Re: Suspicion about denial of service attacks possible on IP."
• In reply to: Henrik P Johnson: "Suspicion about denial of service attacks possible on IP."
• Next in thread: Darren Reed: "Re: Suspicion about denial of service attacks possible on IP."