I know about DoS by TCP SYN segments & want to know can it possile a DoS attack by TCP data segments?
Asked
Active
Viewed 618 times
2
-
"Also" in addition to what? – user142485 Feb 01 '13 at 14:36
-
@user142485 I know about DoS by TCP SYN segments & want to know can it possile a DoS attack by TCP data segments? – Moeen Feb 01 '13 at 14:38
-
Yes. Malformed packets is a common example. If you are talking about only through legitimate connections, also yes. If there is enough traffic, service issues will occur. Have you tried to use Best Buy's website on Black Friday? – user142485 Feb 01 '13 at 14:49
2 Answers
3
syn, ack, etc are just header bits, not a specific type of segment. as such the only possible definition of a 'syn segment' is a segment with the syn bit set, but that does not mean it doesn't have data. all TCP packets have a set of header bits to maintain the windowing and connection orientation, but there would never be a packet with no header bits set in the 13th byte.
the attacks you are interested in are leveraging the internals of the TCP stack, to create the desired effect, so only parts of the segment processed by the TCP stack (header data) are vulnerable. the data, which is not evaluated at the TCP layer wouldn't be capable of having bad effect, unless the stack failed to validate the overall structure of the segment (which is unlikely).
Bad data could be used to cause problems with layer 5 and above however. just not the TCP stack itself.
Frank Thomas
- 35,097
- 3
- 77
- 98
0
That depends on the target. There have been numerous variations on that theme (SYN floods come to mind), and the different TCP stacks have been fixed to work around those (or at least mitigate them). TCP is the face the machine exposes to the miscreants breeding on the Internet...
vonbrand
- 2,451
- 3
- 21
- 21