Denial of Service on Bro via Scott Crosby and Dan Wallach's method...fixedin bro-pub-0.8a32?

Jim Mellander jmellander at
Sat Jul 12 19:14:59 PDT 2003

Christopher Jay Manders wrote:
> Hi,
> I am interested to do some further testing of this, but does the a32
> release have the fixes for the hashing issue inside? (I am referring to
> their paper at:
> Has this been extensively tested?
> Tx!
> Chris

if you look in, you'll see the use of MD5 as a hashing function,
although the old hashing function can still be used - it certainly is
lighter weight & thus retains a performance advantage, less the DOS

Jim Mellander
Incident Response Manager
Computer Protection Program
Lawrence Berkeley National Laboratory
(510) 486-7204

Your fortune for today is:

What's so funny?

More information about the Bro mailing list