> If someone wanted to "take down" UUNET's (or any other provider that > uses a lot of Ascend Max's) dial-up network, I wonder if it would > really be that easy. Any one volunteering to try? Those 3l33t d00ds > on IRC are sure to try eventually. It would if they had immediate modem enabled. I would bet that very few do. The problem with this attack is that it is difficult to do without using a real IP address. That makes it easy to trace. OTOH, I haven't looked at how randomized the initial sequence number generation on MAXes is. If it is poor, it could well be possible to do with forged source addresses. Ascend's TCP code isn't overly robust; doesn't normally matter since it is just routing. I still remember the cool bug where I could disconnect from a telnet session to a MAX (even reboot the client the telnet connection came from), then when I made another telnet connection from the same client it would immediately drop me into the max where I was when I left--no authentication, nothing. I brought this up with Ascend once upon a time, but they didn't seem to interested in trying to track it down. Since it isn't a huge security problem (only happens in rare circumstances, incolving the same host making the connections and a loss of network connectivity between the client and the MAX for just the right time period. > > There are a LOT of Black Hats out there. Both MCSNet and ANet-Chi > (two fairly large midwestern ISP's) were taken out for several hours > within the past two weeks. Both have at least 2 T-3's to different > backbone providers. EVERY DAY ISP's, both large and small suffer > Denial of Service Attacks that cripple thier networks. These attacks > cost ISP's a lot of money. They piss off customers, require staff to > come into the NOC, degrade service, and take a lot of people's time. Exactly. And vendors have a responsibility to make their boxes resistent to such attacks. It must be a basic part of any feature. ++ Ascend Users Mailing List ++ To unsubscribe: send unsubscribe to ascend-users-request@bungi.com To get FAQ'd: <<A HREF="http://www.nealis.net/ascend/faq">http://www.nealis.net/ascend/faq</A>> </PRE> <!--X-MsgBody-End--> <!--X-Follow-Ups--> <HR> <STRONG>Follow-Ups</STRONG>: <UL> <LI><STRONG><A HREF="msg09617.html">Re: (ASCEND) Feature Requests and Ascend?</A></STRONG></LI> <UL> <LI><EM>From</EM>: Eric Wieling <eric@ccti.net></LI> </UL> </UL> <!--X-Follow-Ups-End--> <!--X-References--> <STRONG>References</STRONG>: <UL> <LI><STRONG><A HREF="msg09612.html">Re: (ASCEND) Feature Requests and Ascend?</A></STRONG></LI> <UL> <LI><EM>From</EM>: Eric Wieling <eric@ccti.net></LI> </UL> </UL> <!--X-References-End--> <!--X-BotPNI--> <HR> <UL> <LI>Prev by Date: <STRONG><A HREF="msg09619.html">Re: (ASCEND) PPP Echo Failed with Macintosh Customers</A></STRONG> </LI> <LI>Next by Date: <STRONG><A HREF="msg09616.html">(ASCEND) Re: PPP Echo Failed with Macintosh Customers</A></STRONG> </LI> <LI>Prev by thread: <STRONG><A HREF="msg09612.html">Re: (ASCEND) Feature Requests and Ascend?</A></STRONG> </LI> <LI>Next by thread: <STRONG><A HREF="msg09617.html">Re: (ASCEND) Feature Requests and Ascend?</A></STRONG> </LI> <LI>Index(es): <UL> <LI><A HREF="mail17.html#09618"><STRONG>Main</STRONG></A></LI> <LI><A HREF="thrd198.html#09618"><STRONG>Thread</STRONG></A></LI> </UL> </LI> </UL> <!--X-BotPNI-End--> <!--X-User-Footer--> <!--X-User-Footer-End--> </BODY> </HTML>