Re: iSCSI: ping data size

To: Glen Turner <glen.turner@aarnet.edu.au>
Subject: Re: iSCSI: ping data size
From: "Julian Satran" <Julian_Satran@il.ibm.com>
Date: Mon, 19 Aug 2002 13:41:42 +0300
Cc: Eddy Quicksall <eddy_quicksall@ivivity.com>, "ips@ece. cmu. edu (E-mail)" <ips@ece.cmu.edu>
Content-Type: multipart/alternative; boundary="=_alternative 0039D786C2256C1A_="
Sender: owner-ips@ece.cmu.edu

Glen,

A DoS attack can use several other mechanisms too (not only NOPs). And it can be avoided by just

having the target of the attack dropping the connection with an initiator that issues excessive amount of NOPs with data and limiting the allowed ping size.

Julo

Glen Turner <glen.turner@aarnet.edu.au>

08/19/2002 09:19 AM

To: Julian Satran/Haifa/IBM@IBMIL
cc: Eddy Quicksall <eddy_quicksall@ivivity.com>, "ips@ece. cmu. edu (E-mail)" <ips@ece.cmu.edu>
Subject: Re: iSCSI: ping data size

Julian Satran wrote:
>
> The originator may be trying to measure something. Allowing the
> responder to twart the answer would be counterproductive.

As pointed out before, this allows a denial of service attack on
public iSCSI servers (such as CD-ROM stackers in libraries)

--
Glen Turner Network Engineer
(08) 8303 3936 Australian Academic and Research Network
glen.turner@aarnet.edu.au http://www.aarnet.edu.au/
--
The revolution will not be televised, it will be digitised

Prev by Date: igate draft
Next by Date: iSCSI - Markers - a clarification
Prev by thread: Re: iSCSI: ping data size
Next by thread: Security++ Changes Requested in FCIP
Index(es):
- Date
- Thread

Home

Last updated: Tue Aug 20 02:19:03 2002
11649 messages in chronological order