
I have a question about socket timeouts in TCP. If by doing a certain request to


Question

I have a question about socket timeouts in TCP.

If by doing a certain request to a server a client's socket is timed out, can there be a security vulnerability?

Is a timeout synonymous with the server keeping a socket open and thus being vulnerable to a (D)DoS that would exhaust every available file descriptor?

I have heard about TCP keep-alive, and from my limited understanding this means that the same socket is reused for multiple connections originating from the same host.

This would effectively nullify a DoS attack based on file descriptor exhaustion.

But can a request leading to a timeout mean anything in terms of security / vulnerability?

Explanation / Answer

There have been several resource exhaustion attacks over the years that simply fill up all available connections and idle until timeout. This stops the server from accepting any new connections until the attack stops. Probably the most famous of these tools is the Slowloris attack, which expands on the old method by sending low amounts of data at a very slow rate, thus preventing the timeout while keeping the socket open almost indefinitely.
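The mitigation side of the behaviour described in the answer, as an added example that is not part of the original post: a per-read idle timeout is reset by every trickled byte, so the server also needs an absolute deadline for receiving the complete request headers. The names `read_headers`, `HeaderTimeout`, `demo` and all timeout values are assumptions chosen for illustration, and the peer is a constructed local socket pair.

```python
import socket, threading, time

class HeaderTimeout(Exception):
    """Raised when a client fails to deliver complete headers in time."""

def read_headers(conn, idle_timeout=5.0, total_deadline=10.0, max_bytes=8192):
    # An idle timeout alone is reset by every trickled byte; the absolute
    # deadline bounds how long one connection can hold a file descriptor.
    start, buf = time.monotonic(), b""
    while b"\r\n\r\n" not in buf:
        remaining = total_deadline - (time.monotonic() - start)
        if remaining <= 0:
            raise HeaderTimeout("total deadline exceeded")
        if len(buf) >= max_bytes:
            raise HeaderTimeout("headers too large")
        conn.settimeout(min(idle_timeout, remaining))
        try:
            chunk = conn.recv(max_bytes - len(buf))
        except socket.timeout:
            hit_idle = idle_timeout <= remaining
            raise HeaderTimeout("idle timeout" if hit_idle else "total deadline exceeded")
        if not chunk:
            raise HeaderTimeout("peer closed early")
        buf += chunk
    return buf

def _feed(sock, data, gap):
    # Constructed local peer: writes `data` one byte at a time, `gap` seconds apart.
    try:
        for b in data:
            sock.sendall(bytes([b]))
            time.sleep(gap)
    except OSError:
        pass  # reader gave up and closed the pair

def demo(data, gap, idle, total):
    # Returns "ok" or the reason the connection was dropped.
    server, client = socket.socketpair()
    threading.Thread(target=_feed, args=(client, data, gap), daemon=True).start()
    try:
        read_headers(server, idle, total)
        return "ok"
    except HeaderTimeout as exc:
        return str(exc)
    finally:
        server.close()
        client.close()

if __name__ == "__main__":
    print(demo(b"GET / HTTP/1.1\r\nHost: x\r\n\r\n", 0, 0.3, 0.6))
    print(demo(b"X-a: b\r\n" * 50, 0.05, 0.3, 0.6))
```

In the second call each byte arrives well inside the idle window, so only the total deadline ends the connection.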