[Bug 192888] New: ipfw NAT vulnerable to simple DOS attacks
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Aug 21 13:57:22 UTC 2014
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192888
Bug ID: 192888
Summary: ipfw NAT vulnerable to simple DOS attacks
Product: Base System
Version: 9.2-RELEASE
Hardware: Any
OS: Any
Status: Needs Triage
Severity: Affects Many People
Priority: ---
Component: kern
Assignee: freebsd-bugs at FreeBSD.org
Reporter: napTu at front.ru
ipfw NAT vulnerable to DOS attacks by sending ip packets to external ip address
and any port.
In this situation CPU usage goes to 100%.
NAT should find a matched internal address, and, if not, skip the packet to
external ip.
This process (with failed search) take a many time and resources.
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-bugs
mailing list