[Click] function to shut down router in kernel mode
Bob Keyes
bob at sinister.com
Mon Oct 4 10:17:26 EDT 2004
On Sun, 3 Oct 2004, Eddie Kohler wrote:
> Are you sure that you really want to tear down the router on memory exhaustion?
> That seems like an easy avenue for DoS.
Indeed it has been. See CERT Advisory CA-2000-21
http://www.cert.org/advisories/CA-2000-21.html
My own work when I was at BindView ;)
As I haven't been at bindview since january of 2001, and that company's
R&D is a shadow of its former self, I don't think any further research on
this problem is coming out of RAZOR. Vendors have only applied band-aid
fixes to the resouce exhaustion problems presented by NAPTHA. I've come up
with some long-term and proper fixes for these, in theory, but haven't had
the time / resources / encouragement to put it all into practice. If
anyone is interested in working on this, contact me off-list.
More information about the click
mailing list