Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: David LeBlanc (dleblancmindspring.com)
Date: Fri Jul 27 2001 - 00:08:00 CDT
> -----Original Message-----
> From: Michal Zalewski [mailto:lcamtufgis.net]
> > 3. Windows 2000 Server UP. - the system graphs jump from 2%
> cpu usage
> > (in a calm evening with no ongoing backups and domain
> > synchronizations) to approx. 35% and holds it steady.
> Windows are usually impacted by high-ratio packet floods.
Depends on the NIC, the driver, and the OS version. Very old versions of
NDIS weren't as efficient as more recent versions. Driver quality tends to
dominate the results.
> I believe you are actually testing link layer performance,
> PCI bus speed
> and network cards, not operating systems ;)
And NIC driver.
I've seen this happen more than once - Attacker is fast box tester writes
flood code on. Victim is some dilapidated system that should have been
retired. CPU gets pegged on victim, as it has a cheap NIC with bad drivers.
Person thinks they've found a new exploit. Some NICs work better than
others, and some drivers work better than others.