|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Re: Cisco VPN Concentrator IKE resource exhaustion DoS Advisory
henry.sieff
gmail.com
Date: Mon Aug 07 2006 - 17:24:13 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Cisco recommends a workaround which essentially sets a limit on the number of outstanding SA's and drops new SA requests if they exceed that limit (outlined in http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a0080229125.html)
It seems to me that this will not accomplish much - presumably the determined attacker will simply continue to send packets - as soon as the number of SA'ss drops below that limit the attacker will simply fill up the queue again. Am I missing something about the vulnerability or the supposed fix from Cisco?
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]