Denial of Service on Bro via Scott Crosby and Dan Wallach's method...fixedin bro-pub-0.8a32?

Jim Mellander jmellander at lbl.gov
Sat Jul 12 19:14:59 PDT 2003


Christopher Jay Manders wrote:
> 
> Hi,
> 
> I am interested to do some further testing of this, but does the a32
> release have the fixes for the hashing issue inside? (I am referring to
> their paper at: http://www.cs.rice.edu/~scrosby/hash/.)
> 
> Has this been extensively tested?
> 
> Tx!
> 
> Chris


if you look in Hash.cc, you'll see the use of MD5 as a hashing function,
although the old hashing function can still be used - it certainly is
lighter weight & thus retains a performance advantage, less the DOS
attack.

-- 
Jim Mellander
Incident Response Manager
Computer Protection Program
Lawrence Berkeley National Laboratory
(510) 486-7204

Your fortune for today is:

What's so funny?



More information about the Bro mailing list