[prev in list] [next in list] [prev in thread] [next in thread] 

List:       vuln-dev
Subject:    Re: FreeBSD listen()
From:       "D. J. Bernstein" <djb () CR ! YP ! TO>
Date:       1999-11-09 1:11:03
[Download RAW message or body]

CyberPsychotic writes:
> But this doesn't solve the problem either.

The problems under discussion are file theft and file replacement. The
protection I mentioned eliminates these problems.

It would also be adequate for the OS to simply count the number of SYNs,
and report this number to the server, which will give up if the number
is larger than 1.

> no {RETR,STORE} will be issued, and no data will be transfered,
> but now it just turns in plain denial of service.

All unpaid public services are vulnerable to flooding. Fixing this means
deploying electronic cash and redesigning almost every Internet service
from scratch. Until that's done, it's a waste of time to worry about the
problem; everything you try will amount to security through obscurity.

---Dan

[prev in list] [next in list] [prev in thread] [next in thread]