does the ip_conntrack subjected to DOS attack???

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is a multi-part message in MIME format.

------=_NextPart_000_0021_01C281D6.ADB80D20
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

hi,
    it seems that once the ip_conntrack table is being filled up, the =
system will crash.=20

    Does it means that it is very vulnerable to DOS attack?

    I have performed a port scan using nmap on my box, and it is able to =
scan alot of ports being opened? How come this happened? I only allow =
established,related tcp packets and tcp port 22 New on INPUT to the box? =
The default policy is DROP.

    The result is=20
    port 22 open=20
    port 80 open

Why it is so? Pls advise. Thanks in advanced.

ben
    =20

   =20

------=_NextPart_000_0021_01C281D6.ADB80D20
Content-Type: text/html;
	charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; =
charset=3Diso-8859-1">
<META content=3D"MSHTML 6.00.2719.2200" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>hi,</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;&nbsp;&nbsp; it seems that once =
the=20
ip_conntrack table is being filled up, the system will crash. =
</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;&nbsp;&nbsp; Does it means that =
it is very=20
vulnerable to DOS attack?</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;&nbsp;&nbsp; I have performed =
a&nbsp;port=20
scan using nmap on my box, and it is able to scan alot of ports being =
opened?=20
How come this happened? I only allow established,related tcp packets=20
and&nbsp;tcp port 22 New on INPUT to the box? The default policy is=20
DROP.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;&nbsp;&nbsp; The result is =
</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;&nbsp;&nbsp; port 22 open =
</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;&nbsp;&nbsp; port 80 =
open</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>Why it is so? Pls advise. Thanks in=20
advanced.</FONT></DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>ben</FONT></DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;&nbsp;&nbsp; </FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2></FONT>&nbsp;</DIV>
<DIV><FONT face=3DArial size=3D2>&nbsp;&nbsp;&nbsp; =
</FONT></DIV></BODY></HTML>

------=_NextPart_000_0021_01C281D6.ADB80D20--
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux