[AG-TECH] Using quickbride for DOS attacks?

S.Booth spb at epcc.ed.ac.uk
Thu Jun 5 07:37:59 CDT 2003

On 5 Jun 2003, Grzesiek Sedek wrote:

> Correct me if I'm wrong but for me it looks like there is a possible
> issue with quickbride being used in DOS attacks on the other sites.
> I.E.:
> There is a AG session with 10 participating nodes running ( lets say
> 10MB/s in total ). 
> There is a quickbridge for that session too.
> Since UDP is connectionless protocol it's very easy to spoof orginator
> ip to look like it's comming from victims ip. Once you start sending
> spoofed packets victims site gets 10MB/s UDP flood.
> Has enyone expierienced anything like that?
> G.

Thats why I put access cointrol into quickbridge. You can restrict the 
IP addresses that quickbridge will accept unicast sessions from by
creating a bridge.acl file containing address netmask pairs 

Its not perfect but it lets you restrict this kind of thing to a certain

|epcc| Dr Stephen P Booth             Project Manager           |epcc|
|epcc| s.booth at epcc.ed.ac.uk          Phone 0131 650 5746       |epcc|

More information about the ag-tech mailing list