Re: How NAT reacts on table flood ?

From: Bob Middaugh (bob.middaugh@comcast.net)
Date: Tue Jul 11 2006 - 15:22:43 EDT

• Next message: Bob Middaugh: "Re: How NAT reacts on table flood ?"
• Previous message: Bob WIlliams: "Re: Pen Testing Map"
• Maybe in reply to: Norbert François: "How NAT reacts on table flood ?"
• Next in thread: Bob Middaugh: "Re: How NAT reacts on table flood ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Which version of FreeBSD? What were you using to flood it? Which direction?

 -------------- Original message ----------------------
From: "Robert E. Lee" <robert@dyadsecurity.com>
> On Tue, 11 Jul 2006 18:52:19 +0000
> bob.middaugh@comcast.net (Bob Middaugh) wrote:
>
> > Use FreeBSD. I've scanned aggressively with several nmap processes running,
> with no problem at all....and that box also does stateful packet inspection.
>
> Your box will have a much higher threshold than say the linksys soho box, but
> given enough connection attempts fast enough, will also roll over.
>
> I've performed this sort of state capability testing on every common platform.
> All are susceptible to tieing up all free connections. We even caused a freebsd
> box to reboot after too many connections too quickly.
>
> Robert
>
> --
> Robert E. Lee
> Chief Information Officer
> http://www.dyadsecurity.com
>
> phone: (949) 394-2033
> fax : (949) 486-6601
> email: robert@dyadsecurity.com

------------------------------------------------------------------------------
This List Sponsored by: Cenzic

Concerned about Web Application Security?
Why not go with the #1 solution - Cenzic, the only one to win the Analyst's
Choice Award from eWeek. As attacks through web applications continue to rise,
you need to proactively protect your applications from hackers. Cenzic has the
most comprehensive solutions to meet your application security penetration
testing and vulnerability management needs. You have an option to go with a
managed service (Cenzic ClickToSecure) or an enterprise software
(Cenzic Hailstorm). Download FREE whitepaper on how a managed service can
help you: http://www.cenzic.com/news_events/wpappsec.php
And, now for a limited time we can do a FREE audit for you to confirm your
results from other product. Contact us at request@cenzic.com for details.
------------------------------------------------------------------------------

• Next message: Bob Middaugh: "Re: How NAT reacts on table flood ?"
• Previous message: Bob WIlliams: "Re: Pen Testing Map"
• Maybe in reply to: Norbert François: "How NAT reacts on table flood ?"
• Next in thread: Bob Middaugh: "Re: How NAT reacts on table flood ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:56:15 EDT