Kiss-o'-death packets?

Sean Donelan sean at donelan.com
Mon Oct 6 10:08:10 UTC 2003


On Mon, 6 Oct 2003, Peter Galbavy wrote:
> Erm, I can see a huge DoS hole waiting to happen to any protocol that
> doesn't in turn implement some sort of authentication of the server. The
> more protocols you allow to do this, the more potential for DoS of important
> (possibly) client information.

Uhm, you are also aware that if the attacker can spoof the kiss-o'-death
packets; the same attacker could spoof all sorts of other packets
including the time protocol packets to change the clock on your computer.





More information about the NANOG mailing list