Denial of Service via Algorithmic Complexity
dss902 writes "We (Department of Computer Science, Rice University) present a new class of low-bandwidth denial of service attacks that exploit algorithmic deficiencies in many common applications' data structures... Using bandwidth less than a typical dialup modem, we can bring a dedicated Bro server to its knees; after six minutes of carefully chosen packets, our Bro server was dropping as much as 71% of its traffic and consuming all of its CPU. We show how modern universal hashing techniques can yield performance comparable to commonplace hash functions while being provably secure against these attacks."
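An added example, not part of the submission or the Rice paper: it measures how a chained hash table degrades when every key lands in one bucket of a fixed, public hash, and how a hash keyed with a secret drawn at table creation keeps chains short on the same input. All function names are hypothetical, the keys are constructed sample input, and the keyed polynomial hash is one simple universal-style family chosen for illustration, not necessarily the construction the paper evaluates.

```python
import secrets
from collections import Counter
from itertools import product

P = (1 << 61) - 1  # Mersenne prime: field modulus for the keyed hash

def fixed_hash(key: bytes) -> int:
    """Unkeyed polynomial hash h = 31*h + c; anyone can precompute collisions."""
    h = 0
    for c in key:
        h = (31 * h + c) & 0xFFFFFFFF
    return h

def make_keyed_hash():
    """Draw secret a, b, c at table creation and return the keyed hash."""
    a = 1 + secrets.randbelow(P - 1)
    b = 1 + secrets.randbelow(P - 1)
    c = secrets.randbelow(P)
    def keyed_hash(key: bytes) -> int:
        h = 0
        for byte in key:
            h = (h * a + byte + 1) % P  # +1 keeps zero bytes significant
        return (b * h + c) % P          # affine step before bucket reduction
    return keyed_hash

def chain_lengths(keys, hash_fn, buckets=1024):
    """Entries per bucket in a chained table of the given size."""
    return Counter(hash_fn(k) % buckets for k in keys)

def longest_chain(keys, hash_fn, buckets=1024):
    return max(chain_lengths(keys, hash_fn, buckets).values())

def insert_comparisons(keys, hash_fn, buckets=1024):
    """Key comparisons to insert all keys: a chain of n costs n*(n-1)/2."""
    return sum(n * (n - 1) // 2 for n in chain_lengths(keys, hash_fn, buckets).values())

def constructed_colliding_keys(blocks=10):
    """Constructed sample input: b"Aa" and b"BB" are equal under 31*h + c,
    so every concatenation of them lands in one bucket of the fixed hash."""
    return [b"".join(p) for p in product((b"Aa", b"BB"), repeat=blocks)]

if __name__ == "__main__":
    keys = constructed_colliding_keys()
    for name, fn in (("fixed", fixed_hash), ("keyed", make_keyed_hash())):
        print(name, longest_chain(keys, fn), insert_comparisons(keys, fn))
```

With the fixed hash all 1024 keys share one chain, so insertion cost is quadratic in the number of keys; with the keyed hash the same keys spread across buckets because the sender cannot predict the secret.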
suckaz
Any attack against a Bro server is obviously a plot perpetrated by The Man, to keep a brother down. Peace to all my dead homies.
Because retards like you can't close a fucking italic tag. Dumbfuck.
One built by niggers. You can thank affirmative action in the computer industry for this one. Of course it would be easy to bring them down. It would be like asking a nigger to add two single-digit numbers together.
This guy is lame. If you don't set limits you will run out of them. If you do set limits you will run into them. Then he claims to have a "new" hashing function to fix all that, yet it is not finished with it.
Furthermore, he claims the dnscache module in djbdns has a problem, but DJB in his infinite wisdom prepared for it.
This guy is just lame, please ignore him.
No problem. Here is a mirror.
Well, duh, it's not like you have to be incredibly smart to figure this out by yourself. Anybody with programming skills beyond programming 101 should already be aware of this.
OR
Some random Slashdot Editor posting links to it, thereby calling the attention of the whole damn world to the fact that this class of vulnerability exists, apparently without fixes.
Yes, I know, "Security through Obscurity is no Security at All." On the other hand, in a multi-layered security environment (think defense in depth), obscurity, or secrecy IS a valid (albeit thin) layer. This just eliminated that layer.
Thanks, dipshits, and Slashdot, for making the world a WORSE place.
Hey, wait a minute!
No, apparently he didn't read the articles either, just looked at them to notice they're the same. I just *actually* read the links. Not only are both links the same, but both of them are the Lands End spring 2003 catalog!
I can't believe the submitter was able to slip something like that past not just the slashdot editors, but all 82 posters so far. Crazy.
It is publish or perish at most universities and even most colleges.
They just found a topic to publish a paper on that extends things a little bit. This paper will then be footnoted by other researchers along with hundreds of other footnotes.
Very little published is new or even remotely creative - creativity is something that I have found is suppressed by academia.
I suggest that if there are any questions, we as the slashdot community should collectively send them our pertinent questions.
Such attacks will mostly be possible when you have access to the source-code of a program, and can look through it to find weak algorithmic parts.
I guess it's harder to do this on a proprietary system. Perhaps this is the "Open source is less secure"-argument that MS has been hoping for?