On 12 Apr 2002, at 9:50, Noonan, Wesley wrote:

> > -----Original Message-----
> > From: Paul D. Robertson [mailto:[EMAIL PROTECTED]]
> > Sent: Friday, April 12, 2002 07:41
> > To: Gary Flynn
> > Cc: [EMAIL PROTECTED]
> > Subject: Re: Cisco IDS
> >
> > On Fri, 12 Apr 2002, Gary Flynn wrote:
> >
> > > I'm certainly not going to argue with you about other means of
> > > segmentation being more secure but
> > > I'm wondering what the actual risk level is. The only vulnerability
> > > report I've seen requires the
> > > following conditions:
> > >
> > [snip]
> > >
> > > Are you aware of any other vulnerabilities or exploits?
> >
> > The ability to DoS the internal network if you can make the switch too
> > busy is the most obvious one- and that can be pretty easy in some
> > scenarios.
>
> Where is that one? How does one DoS a switch that generally has a >3GB
> backplane with traffic that comes from a generally <100MB pipe?

In the case where I've seen this, there wasn't anywhere near enough traffic to saturate the fabric -- but drive the CPU to 100% utilization and/or exhaust the buffer allocation (one could result from the other), and suddenly most packets don't move....

DG
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
