Re: [PATCH} ARP auto-sizing for 2.4.24 - 2.4.26-pre3

On Mon, 15 Mar 2004 23:55:04 +0200 (EET)
Pekka Savola <pekkas@netcore.fi> wrote:

> Isn't there a problem when an outside attacker brute-force pings every 
> IP address in some order?  The intent here is to overload the router 
> to do a lot of ARP/ND requests which result in nothing.

Since another request for the same IP won't spam out another ARP
request whilst we have an existing entry in state "resolve in progress",
the damage is quite limited I'd say.

Sounds to me like the backlog of packets we keep around for each
"resolve in progress" neighbour cache entry is more interesting
for DoS purposes :-)
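
Added example, not part of the original message and not kernel code: a toy model of the behaviour discussed above, in which repeated packets for one unresolved address trigger a single request and only grow that entry's backlog, while a sweep over distinct addresses creates one entry and one request each. The names and the two limits (`MAX_ENTRIES`, `QUEUE_CAP`) are assumptions of the model.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_ENTRIES 64  /* assumed cache size limit (model value) */
#define QUEUE_CAP   3   /* assumed per-entry backlog limit (model value) */

struct neigh { int incomplete; uint32_t ip; unsigned queued; };
struct stats { unsigned requests, queued, dropped; };

static struct neigh cache[MAX_ENTRIES];

/* A packet arrives whose next hop `ip` has no resolved link-layer address. */
static void packet_in(uint32_t ip, struct stats *s)
{
    struct neigh *slot = NULL;
    for (int i = 0; i < MAX_ENTRIES; i++) {
        if (cache[i].incomplete && cache[i].ip == ip) { slot = &cache[i]; break; }
        if (!cache[i].incomplete && !slot) slot = &cache[i];
    }
    if (!slot) { s->dropped++; return; }   /* cache full: no entry, no request */
    if (!slot->incomplete) {               /* first packet: create entry, one request */
        slot->incomplete = 1; slot->ip = ip; slot->queued = 0;
        s->requests++;
    }
    if (slot->queued < QUEUE_CAP) { slot->queued++; s->queued++; }
    else s->dropped++;                     /* backlog full */
}

/* Send n packets; distinct != 0 walks n addresses, 0 repeats one address. */
static struct stats run(unsigned n, int distinct)
{
    struct stats s = {0, 0, 0};
    memset(cache, 0, sizeof cache);
    for (unsigned i = 0; i < n; i++)
        packet_in(0x0a000001u + (distinct ? i : 0), &s);  /* constructed 10.0.0.x */
    return s;
}

int main(void)
{
    struct stats a = run(100, 0), b = run(50, 1);
    printf("same address:  requests=%u queued=%u dropped=%u\n", a.requests, a.queued, a.dropped);
    printf("address sweep: requests=%u queued=%u dropped=%u\n", b.requests, b.queued, b.dropped);
    return 0;
}
```

In this model the memory held per sweep is bounded by `MAX_ENTRIES * QUEUE_CAP` packets, which is why both limits matter when sizing the cache.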