
The penet compromise



> That lessens the probable impact of the return traffic to a rough
> multiplier of 10.  And given the time spread (my experiment yielded
> replies over 4 days), I don't know if this can be counted on to yield a
> denial-of-service attack.  (I suppose it's possible the perp might be
> trying to spam penet in the original sense, by trying to overrun
> arbitrary limits in the server)

I was thinking about this as I thought about the combination of
mail->news gateways such as anon.penet.fi and news autoresponders, and
it struck me that a denial of service attack could be based on
including a *.test newsgroup in a Reply-To: header, causing the
autoreplies to get posted back into the *.test groups.

Some of the autoresponders seem to be set up to prevent this, others
not.  I don't know if anon.penet.fi is set up to prevent this sort of
regurgitation.

	--Paul
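
An added example, not part of the original message: one way an autoresponder could refuse to feed the regurgitation loop described above, by declining to answer when the reply would land back in a *.test group. The gateway host name, the gateway address format (newsgroup name as the local part) and the sample messages are assumptions constructed for illustration.

```python
from email import message_from_string
from email.utils import getaddresses
from fnmatch import fnmatchcase

# Assumption: hosts the operator knows to be mail->news gateways (placeholder name).
GATEWAY_HOSTS = {"mail2news.example"}
TEST_GROUP_PATTERNS = ("*.test",)

def is_test_group(name):
    return any(fnmatchcase(name.lower(), p) for p in TEST_GROUP_PATTERNS)

def reply_targets(msg):
    """Addresses a reply would go to: Reply-To if present, otherwise From."""
    headers = msg.get_all("Reply-To") or msg.get_all("From") or []
    return [addr.lower() for _, addr in getaddresses(headers) if addr]

def should_autoreply(raw_message):
    """Return (decision, reason) for one incoming *.test posting."""
    msg = message_from_string(raw_message)
    # Never answer another responder's output.
    if msg.get("Auto-Submitted", "no").strip().lower() != "no":
        return False, "auto-submitted"
    if msg.get("Precedence", "").strip().lower() in ("bulk", "junk"):
        return False, "bulk precedence"
    targets = reply_targets(msg)
    if not targets:
        return False, "no reply address"
    for addr in targets:
        local, _, host = addr.partition("@")
        # A reply sent here would be posted back into a *.test group.
        if is_test_group(local) and (host == "" or host in GATEWAY_HOSTS):
            return False, "reply target is a test newsgroup"
    return True, "ok"

def make(*headers):
    """Build a constructed sample message from header lines."""
    return "\n".join(headers) + "\n\nthis is a test\n"

# Constructed sample postings.
NORMAL = make("From: alice@site.example", "Newsgroups: alt.test", "Subject: test")
LOOP = make("From: bob@site.example", "Reply-To: alt.test@mail2news.example",
            "Newsgroups: alt.test", "Subject: test")
AUTO = make("From: responder@site.example", "Auto-Submitted: auto-replied",
            "Newsgroups: alt.test", "Subject: Re: test")

if __name__ == "__main__":
    for name, raw in (("normal", NORMAL), ("loop", LOOP), ("auto", AUTO)):
        print(name, should_autoreply(raw))
```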