Re: Preventing Denial of Service Attack In IPC Serialization
On Jul 10, 7:28 am, Nominal Pro <majorsc...@gmail.com> wrote:
On Jul 9, 8:51 am, Le Chaud Lapin <jaibudu...@gmail.com> wrote:
Your honor, I enter the preceding statement by Le Chaud Lapin into
state's evidence :)
Criminal acts only proves that it IS a security issue, and needs to be
handled as such. As I stated before, duct tape on a serialization
framework is a poor way to deal with a security issue.
How colorful are your replies!
I should mention, I agree with you in spirit about robustness, and
simply "doing it right."
However, thought I have not finished the model yet, I am now getting
the feeling that the stack-based model that I proposed earlier will
probably allow us to "have our cake and eat it", without intermediate
buffers. In other words, I think, it is possible to prevent DoS using
my method.
But wait! ....
I know what you're thinking...without authenticity on the link,
packets sent from sender to receiver can be spoofed, injected into the
data stream at random. This is true, and yes, with the current
Internet, a true authenticity model will be required.
However, as I mentioned, we do research in this area, and in our
model, it is not possible for packet-spoofing to occur by having the
true sender lie about the source address in the packet.
That said, today, in the current Internet, yes, as you said before, a
PKI is required if one wants to have their cake and eat it with
serialization.
-Le Chaud Lapin-
--
[ See http://www.gotw.ca/resources/clcm.htm for info about ]
[ comp.lang.c++.moderated. First time posters: Do this! ]