Re: 2.0.36: ip_masqurade and stealth scan DoS

Paul Rusty Russell (Paul.Russell@rustcorp.com.au)
Tue, 09 Mar 1999 06:43:09 +1130


In message <Pine.LNX.3.96.990308095449.23918D-100000@hobbe.tripnet.se> you write:
> Hi,
>
> We have a problem with ip_masquerading set up as a firewall. When someone
> runs a stealth scan from the masqueraded net to the outside net, it will
> very fast consume all available masquerade ports. The result is a nasty
> DoS for all addresses on the masqueraded net.

Take a baseball bat to the stealth-scanning motherfucker, and the
problem will be resolved.

There are several possible DOS attacks from INSIDE a NAT host. Fixing
this one doesn't win much.

Trust me on the baseball bat,
Rusty.

--
 .sig lost in the mail.
