| To: | Pekka Savola <pekkas@xxxxxxxxxx> |
|---|---|
| Subject: | Re: [PATCH} ARP auto-sizing for 2.4.24 - 2.4.26-pre3 |
| From: | "David S. Miller" <davem@xxxxxxxxxx> |
| Date: | Mon, 15 Mar 2004 13:57:53 -0800 |
| Cc: | timg@xxxxxxx, anton@xxxxxxxxx, netdev@xxxxxxxxxxx, linux-net@xxxxxxxxxxxxxxx |
| In-reply-to: | <Pine.LNX.4.44.0403152350260.6903-100000@netcore.fi> |
| References: | <20040315134412.314b5e23.davem@redhat.com> <Pine.LNX.4.44.0403152350260.6903-100000@netcore.fi> |
| Sender: | netdev-bounce@xxxxxxxxxxx |
On Mon, 15 Mar 2004 23:55:04 +0200 (EET) Pekka Savola <pekkas@xxxxxxxxxx> wrote: > Isn't there a problem when an outside attacker brute-force pings every > IP address in some order? The intent here is to overload the router > to do a lot of ARP/ND requests which result to nothing. Since another request for the same IP won't spam out another ARP request whilst we have an existing entry in state "resolve in progress", the damage is quite limited I'd say. Sounds to me like the backlog of packets we keep around for each "resolve in progress" neighbour cache entry is more interesting for DoS purposes :-) |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH} ARP auto-sizing for 2.4.24 - 2.4.26-pre3, Pekka Savola |
|---|---|
| Next by Date: | Re: [PATCH} ARP auto-sizing for 2.4.24 - 2.4.26-pre3, Andi Kleen |
| Previous by Thread: | Re: [PATCH} ARP auto-sizing for 2.4.24 - 2.4.26-pre3, Pekka Savola |
| Next by Thread: | Re: [PATCH} ARP auto-sizing for 2.4.24 - 2.4.26-pre3, Pekka Savola |
| Indexes: | [Date] [Thread] [Top] [All Lists] |