Re: New tcp stack attack

From: Fernando Gont (fernandogont.com.ar)
Date: Wed Oct 01 2008 - 12:31:45 CDT


At 01:56 p.m. 01/10/2008, Peter J. Philipp wrote:

>I listened to the podcast and got the idea that the socket is in
>ESTABLISHED state (so after 3-way handshake) and they
>mention that a packet's PCB resources have timers, and that is what
>they exploit.

That was just an example of the type of resources that could be exhausted.

>Perhaps you establish the session and
>send an HTTP request (pretend it's http) and never ACK the answer
>that gets repeated based on the internal timers. It seemed to me
>they say that some stop repeating their content and just die.

That would be Shalunov's netkill attack, which aims at exhausting
memory by tying it to both PCBs and socket send buffers.

--
Fernando Gont
e-mail: fernandogont.com.ar || fgontacm.org
PGP Fingerprint: 7809 84F5 322E 45C7 F1C9 3945 96EE A9EF D076 FFF1