On Sun, Oct 19, 2003 at 01:37:58PM +1000, Andrew Pollock wrote: | Hmm, am I the only one that thinks | | dd if=/dev/zero | nc victim discard | | is a bad thing, in an environment where the victim is paying cents per meg | for inbound traffic? I'm no so much talking about DoSing anything, but | causing financial damage.
Yeah, but you can do that on any given port whether it's open or not. e.g. cat /dev/zero | nc -u victim 12345 (nc in UDP mode seems to ignore "ICMP port unreachable" packets in my testing... if it doesn't you can always use iptables to make sure it does.) There's no way to /stop/ someone from sending you data, whether you want it or not. Cameron.