6 Oct
2003
6 Oct
'03
6:08 a.m.
On Mon, 6 Oct 2003, Peter Galbavy wrote:
Erm, I can see a huge DoS hole waiting to happen to any protocol that doesn't in turn implement some sort of authentication of the server. The more protocols you allow to do this, the more potential for DoS of important (possibly) client information.
Uhm, you are also aware that if the attacker can spoof the kiss-o'-death packets; the same attacker could spoof all sorts of other packets including the time protocol packets to change the clock on your computer.