Denial Of Service attack in asynchronous communication
by maver1k - 1/26/13 12:55 PM
Is Low rate DOS attack (unintended) possible through asynchronous communication? Consider this scenario:
I have a client server application were there is a WAN communication between the client and server. Client makes synchronous calls to the service and so waits for a response. Now there happens some nasty WAN issue causing the latency to spike. In this case the server might wait for the packets to arrive while the client could timeout and start a new connection. If this happens fast enough the server might get saturated with connections causing legitimate connection requests to be dropped causing DOS.
Now if the communication is asynchronous the client will not wait for the response and repeated attempts wont happen. This seems to protect from DOS?
Am I correct here? or where did I go wrong ?