"David S. Miller" <davem@redhat.com> writes: > From: Simon Kirby <sim@netnation.com> > Date: Tue, 20 May 2003 17:09:36 -0700 > > It's rather difficult to follow, but I don't see any "h4r h4r, expl0it > th3 L1nux h4sh" comments or anything in the code that seems to attempt to > exploit the hash algorithms in (older) Linux. > > Look at the vc[] table and how it uses this in rndip(). The vc[] table is used to generate packets which don't fall victim to widely implemented source address checks (e.g. "ip verify unicast source reachable-via any" on recent Cisco routers). I've checked the generated packets and they appear to be distributed rather evenly among about 3,000 of the 8,192 hash buckets (with the old hash function, of course), so juno-z.101f.c does not specifically choose source addresses to trigger collisions. (BTW, that's the reason why I consider the hash collision DoS attack not too relevant in practice -- anybody who wants to DoS my machine can probably send lots of packets to it. juno-z.101f.c just works well enough, even if it doesn't saturate all available bandwidth.) - : send the line "unsubscribe linux-net" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
