RE: Security holes revisited

Wed, 05 Apr 2000 17:49:49 -0700 

I'm not sure I follow. I know a decent amount about protocols and networking
and, to my knowledge, there is no way, at the protocol level, to stop a DoS
attack. I don't care how efficient the protocol is, if the server gets
overloaded with requests, it can't provide service to every request,
therefore service is denied (DoS). You can implement some QoS tools which
will allow you to selectively service certain requests or protocols and/or
use your router or firewall effectively but, again, these tools also have
limits which, when reached, prevent the servicing of further requests (DoS).

As a more digestible example, if you and all your co-workers try to retrieve
your email at the same time  then some of the requests will take longer than
others. You frequently hear people say things like, "the mail server is slow
today." What is happening is an unintentional denial or reduction of
service. Hmmm, using that example, what's it called if everyone in your
building flushes the toilet at the same time :)

Steve

-----Original Message-----
From: Jennifer [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 05, 2000 8:01 PM
To: [EMAIL PROTECTED]
Subject: RE: Security holes revisited


At 07:32 PM 4/5/00 -0400, you wrote:
>  Finally, if you follow your
>scanning example to its logical extreme, then denial of service attacks are
>just fine; they don't take advantage of any target vulnerabilities.

That is not true. DOS does take advantage of a target vulnerability. The
vulnerability isn't on the attacked computer, but in http itself. Other
transfer protocols don't have this problem. Supposedly, there is one
available with basically the same capabilities as http but that doesn't
make sites vulnerable to DOS attacks. It is more private also, but the
industry as a whole would have to shift to it and I don't see that
happening any time soon.
----------------------------------------------------------------------------
--
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.

------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Reply via email to