Comment 3 for bug 1184041
Revision history for this message
| Russell Bryant (russellb) wrote Re: Potential Denial of Service using source_security_groups | #3 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
73416ba
(Get the code!)
It definitely sounds nasty. It seems OSSA worthy to me. I guess we could use some more opinions. Sometimes I feel overly conservative when considering DOS vulnerabilities.
If I understand this correctly, the number we're talking about is blocking rpc calls made to the network service. Starting 20 instances isn't too hard, and resulting in 28,700 rpc calls in this example is pretty darn bad.