It probably should be in the list of default deny rules.
Danny
On Tue, 11 Mar 1997, David Luyer wrote:
>
> I can't see this being prevented anywhere in squid at the moment (quick
> glance through the source here). Now it's been on bugtraq is a good time
> to fix (prevent) it.
>
> David.
> ---------- Forwarded message ----------
> Date: Mon, 10 Mar 1997 23:29:34 -0500
> From: Christopher Blizzard <blizzard@APPLIEDTHEORY.COM>
> To: BUGTRAQ@NETSPACE.ORG
> Subject: Re: Lynx/MSIE denial-of-service
>
> In message <Pine.BSI.3.95.970310144258.7182A-100000@l0pht.com>, Doctor Who writ
> es:
> :Many systems run a service called "chargen" on port 19. It simply
> :generates a never-ending stream of characters.
> [...]
> :A URL such as http://localhost:19 could cause the "flooding" damage to a
> :system running lynx and chargen to occur almost instantly, because the
> :characters would of course come at a much higher speed.
> [...]
>
> You can also create a serios DOS attack when this is combined with a proxy
> server. Using the URL:
>
> http://some.proxy.host/http://some.host.on.the.local.lan:19/
>
> can bring some machines to a screaming halt.
>
> --Chris
>
> ------------
> Christopher Blizzard
> AppliedTheory Communications, Inc.
> blizzard@appliedtheory.com
> ------------
>
>
Received on Tue Jul 29 2003 - 13:15:40 MDT
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:11:14 MST