Slashdot Mirror

← Back to Stories (view on slashdot.org)

New Low Bandwidth Denial of Service Attacks

Posted by CmdrTaco on from the i'm-very-slow dept.

An anonymous reader writes "A paper from Rice University appearing at the 2003 ACM Sigcomm Conference presents a new denial of service attack where the attacker only needs to send at a low rate to shutdown TCP flows. The trick exploits the retransmission timeout mechanism in TCP. By sending small bursts of packets at just the right frequency, the attacker can cause all TCP flows sharing a bottleneck link to simultaneously stop indefinitely. And because the attacker only needs to burst periodically, the attacker will not be distinguishable from normal hosts. The presentation, and other presentations from the conference, are available online (live streaming)."

10 of 366 comments (clear)

  1. Dupe story. Mod me sideways... by fuqqer · · Score: 4, Informative

    This is a duplicate storyfrom a looonnnng time ago. May 31 as a matter of fact. This means something considering the amount brain cells I kill with liquor everyday.

  2. Direct link to paper by Hygelac · · Score: 5, Informative

    Gzipped Postscript file

    --
    -- Grow up and use mutt.
  3. Comment removed by account_deleted · · Score: 3, Informative

    Comment removed based on user account deletion

  4. Re:Where can I read about this? by cK-Gunslinger · · Score: 4, Informative

    Uh, click on the word "paper" in the story, then click on "This paper is available in Adobe PDF format."

    Or Cick Here

  5. Re:Dupe story. Mod me sideways... by robbyjo · · Score: 2, Informative

    Wrong. That's a different paper.

    --

    --
    Error 500: Internal sig error
  6. Re:Tough paper to read by tomhudson · · Score: 4, Informative

    Actually, this isn't new. The exact reverse concept was mentioned here as a way to fight spam.

  7. Re:yay (faker!) by hey · · Score: 5, Informative

    "baud" is named after J.M.E. Baudot who was French. more info

  8. Re:yay (faker!) by geighaus · · Score: 2, Informative

    Well, in Russian "baud" is spelled as "bod" (with cyrillic letters of course). All Latin alphabet based languages seem to have it as "baud" or a similar form (the ones I checked are German, Finnish, Swedish, Italian, French).

  9. Re:yay (faker!) by Izago909 · · Score: 2, Informative

    Actually, modems stopped increasing in baud at 9600 (I'm almost sure). Baud tells you how many signal changes happen in a second. With compression and other techniques, we can actually transmitt more than 1 bit/baud these days.

  10. Re:yay (faker!) by runderwo · · Score: 2, Informative
    56K modems actually run at a 2800 baud symbol rate, exactly the same as a 28.8K modem.

    Illogically, it is actually easier to establish and maintain a 56k connection than it is a 33.6K connection, when the local phone line is the only thing in question. (with 56k, you also have to have no more than one analog->digital conversion in between you and the phone company).

    A 33.6K connection requires a symbol rate of 3200, which is greater than the 2800 that the 56K uses; hence, when customers would ask "Whats the chances I can get 56k out of my line" and the tech would answer "Can you connect at the maximum 33.6K right now? If not, it wont work", they were flat out wrong.

    --
    LRC, the best-read libertarian site on the web