It could be possible. Consider a protocol that utilized public-key
encryption. Every packet would have to be signed with the sender's private
key. Of course, anonymity goes completely out the window, but faking
return-addresses would be impossible. Faking return addresses seems to be
fairly essential to TCP/IP flavored DOS attacks.
-Tim
At 08:50 PM 00/04/05 -0400, you wrote:
>I'm not sure I follow. I know a decent amount about protocols and networking
>and, to my knowledge, there is no way, at the protocol level, to stop a DoS
>attack. I don't care how efficient the protocol is, if the server gets
>overloaded with requests, it can't provide service to every request,
>therefore service is denied (DoS). You can implement some QoS tools which
>will allow you to selectively service certain requests or protocols and/or
>use your router or firewall effectively but, again, these tools also have
>limits which, when reached, prevent the servicing of further requests (DoS).
>
>As a more digestible example, if you and all your co-workers try to retrieve
>your email at the same time then some of the requests will take longer than
>others. You frequently hear people say things like, "the mail server is slow
>today." What is happening is an unintentional denial or reduction of
>service. Hmmm, using that example, what's it called if everyone in your
>building flushes the toilet at the same time :)
>
>Steve
>
>-----Original Message-----
>From: Jennifer [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, April 05, 2000 8:01 PM
>To: [EMAIL PROTECTED]
>Subject: RE: Security holes revisited
>
>
>At 07:32 PM 4/5/00 -0400, you wrote:
>> Finally, if you follow your
>>scanning example to its logical extreme, then denial of service attacks are
>>just fine; they don't take advantage of any target vulnerabilities.
>
>That is not true. DOS does take advantage of a target vulnerability. The
>vulnerability isn't on the attacked computer, but in http itself. Other
>transfer protocols don't have this problem. Supposedly, there is one
>available with basically the same capabilities as http but that doesn't
>make sites vulnerable to DOS attacks. It is more private also, but the
>industry as a whole would have to shift to it and I don't see that
>happening any time soon.
>----------------------------------------------------------------------------
>--
>Archives: http://www.eGroups.com/list/cf-talk
>To Unsubscribe visit
>http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
>send a message to [EMAIL PROTECTED] with 'unsubscribe' in
>the body.
>
>---------------------------------------------------------------------------
---
>Archives: http://www.eGroups.com/list/cf-talk
>To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or
send a message to [EMAIL PROTECTED] with 'unsubscribe' in
the body.
>
>
Tim Lieberman Take a break and have a listen,
Electric Mind Control Do It NOW:
Workshop & Funk Bakery http://www.mp3.com/emcw
------------------------------------------------------------------------------
Archives: http://www.eGroups.com/list/cf-talk
To Unsubscribe visit
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_talk or send a
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
