Re: Port scan with nmap causes infinite loop in casDGClient::processDG() [Re: CA gatway runs away when zero length PV name in UDP search request]

[Ralph Lange <ralph.lange@gmx.de>]

On Tue, Jan 16, 2018 at 5:06 PM, J. Lewis Muir <jlmuir@imca-cat.org> wrote:

On 01/15, Ralph Lange wrote:
> [...]
> Note, though, that Channel Access never claimed to be hardened. Even after
> fixing this behavior, an attacker on the local network will be able to
> cause all sorts of havoc by sending malformed network packages to CA
> servers and clients.
> Channel Access is not intended for use in a hostile environment.

I wouldn't call a port scan hostile.

True. Let me rephrase:

Channel Access is not intended for use in an environment where clients intentionally send malformed packages.

Cheers,
~Ralph