Re: Text request/response spanning - security issue?

["Julian Satran" <Julian_Satran@il.ibm.com>]

Luben,

That is certainly an implementation issue and dropping the connection/session should not be that hard!
There are many other ways in which a bad implementation can affect the partner resource utilization.

Unfortunately we can't avoid having to span text over several PDus (we attempted this in the past) as the minimum PDU on which we reached consensus is very small (512).  During Login however you are better of as the default is 8k and a badly behaved partner can be detected earlier.

Julo

Luben Tuikov <luben@splentec.com> Sent by: owner-ips@ece.cmu.edu 29-03-02 02:12 Please respond to Luben Tuikov; Please respond to iSCSI

To:        iSCSI <ips@ece.cmu.edu>, Julian Satran/Haifa/IBM@IBMIL, "Mallikarjun C." <cbm@rose.hp.com>         cc:                 Subject:        Text request/response spanning - security issue?

A key=value pair can span multiple Text Request/Response PDU's.

A rougue/badly implemented T/I can use this ``feature''
to completely drain the I/T resources and stall its
operation.

I.e. the node will keep the data and wait indefinitely until
0x00 in order to process the request. If 0x00 is never
received, the node will eventually run out of memory.

If such an implementation is in kernel space,
then after such an attack, the only solution
is the big red button.

-- 
Luben