- Individual Applications
Protect
Filter
Perform
Connect
Add-Ons
- Software Packages
- Complete Appliances
12-12-2011, 07:10 AM
|
#1 (permalink) |
 
Join Date: Nov 2008
Location: Westerville, Ohio, USA
Posts: 1,021
 |
Block browser based 'zip bomb' style attack?
Wasn't really sure where this belongs. It's not really an intrusion nor is it an attack. And while I suppose it could be spyware it doesn't really seem to fit there either so I'm sticking it here. Please move if you think it belongs somewhere else.
Anyway I was browsing readdit this morning (shhh...trying to avoid work  ) and stumbled upon this post.It reminds me of the old 'zip bomb' style attacks on an OS/hard drive but it's directed at the web browser and RAM to basically crash the browser. From what I was reading it's using gzip to send a small amount of data that when de-compressed is designed to fill the RAM of the machine and crash the browser. So this got me wondering...would there be any way to thwart these types of attacks at the Untangle/IPS level? I realize that (at least for the moment) it's just a proof of concept but it seems like it could be used with malicious intent. Thoughts? 
__________________
Dan You may one day find something interesting here. Today is not that day. Tomorrow isn't looking too good either. |
|
 |
| Thread Tools | |
|
|
