Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!

TUCoPS :: Windows Net Apps :: win4841.htm

ISA server DoS
5th Nov 2001 [SBWID-4841]

	ISA server DoS


	 Windows 2000 Server + Service Pack 2 

	 Microsoft ISA Server Enterprise Edition Full + All Fixes



	Tamer Sahin ( posted :

	A fragmented Udp attack through  the  microsoft  isa  server  makes  the
	system hampered  by  using  the  cpu  at  100%.  Meanwhile  server  uses
	processor power too much and therefore packet process ratio decreases.

	You may reach the session log through



	opentear.c by RootShell







	Microsoft answers :

	ISA can be configured to drop fragmented packets and, if this  is  done,
	it significantly helps protect the system against flooding attacks  like
	this. However, even so, it\'s not a cure-all. Even inspecting and  dropping
	packets takes some  finite  amount  of  work,  and  once  again  if  the
	attacker has sufficient bandwidth, he may be able to flood  the  server.
	Again, though, there isn\'t a  flaw  in  ISA  server  -  -  -  --  it\'s
	strictly a flooding attack.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH