lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20031203185959.K21382-100000@gatekeeper.intra.bartsplace.net>
Date: Wed, 3 Dec 2003 19:13:15 +0100 (CET)
From: Bart van Leeuwen <bart@...tsplace.net>
To: kevin.milne@...il.com
Cc: bugtraq@...urityfocus.com
Subject: Re: speedtouch 510 DOS


The problem as you mention it is something that I have seen as well.
For all I have been able to find, it has to do with the load on the
ethernet port and very likely, with the occurance of collisions on the
ethernet segment it is connected to.

Currently, my modem is connected to a dedicated router with a crosslink,
and I have no problem whatsoever. However, as soon as I use a hub to
connect multiple machines to it, and create substantial load on the
segment so that collisions start occurign regularely, the behavior as
you describe occurs. This is regardless of if the modem has to 'route' the
traffic or not, local traffic will do the trick as well, as long as the
modem gets to see it on its ethernet port.

I have 2 such modems, and tried with 2 borrowed ones, and in all cases the
behavior is identical.

I have not been able to recreate this behavior with an outside attack.

On another note, it seems to be able to overflow the NAT table of the
modem by bombarding it with incomming connections for a port for which an
inbound mapping has been made (no surprise that it is possible, but the
ease with which it is possible is amazing), which will affect every other
inbound nat definition, and will make the browser based user interface
fail.

Id you have to use this modem anyway, use it with a dedicated link to a
machine that is gonna do ppoe and all the nat stuff..

regards, Bart.



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ