(By now, this problem is purely theoretical, since we have found a way to avoid it. However, I couldn’t solve it at the time it presented itself.)
Using Java, I want to discover and download a file from a single fixed server via SSH FTP at fixed intervals.
The remote server, the protocol, the timing and the file are outside my control.
The remote server is controlled by a trusted source.
I am currently using Java implementations of ls and get to download the files.
My client is quite security-conscious, so he wants to prevent as many technical angles of attack as possible.
While thinking about the possibility of a malign entity either impersonating or taking control of the remote server, I noticed that they might replace the usual server with an implementation that replies to ls with an infinite list of files, or replies to get with an infinite stream of bytes.
At some point, my memory or hard drive would break and my program would crash.
Assuming that I don’t know the size a file could take, are there ways to detect and prevent such an attack without stopping legal (but large) downloads?
I was thinking about checking the number of files/file size beforehand, but even then an attacker could trigger his attack only after I had made such checks.
Unless there is a flaw in the client-side implementation of SSH or the trusted site’s private keys are leaked or cracked, it should not be possible to impersonate the site.
I don’t think so.
The problem is how you distinguish a “legal but large” download from a large download from a compromised server?
I think that the solution is to place a limit on download size.
The other thing to note is that even if the bad guys do trick you into doing an “infinite” download:
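One way to enforce the download-size limit suggested above, as an added example that is not part of the question or answers: the `get` stream is copied through a hard byte cap and the `ls` result is consumed through an entry cap, so an endless reply is aborted instead of filling memory or disk. The SFTP library is not named on the page, so the streams and the 10 MiB / 10,000-entry limits are assumptions; the endless stream stands in for a hostile server.

```java
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

public final class BoundedDownload {

    /** Thrown when the remote side sends more than the agreed maximum. */
    public static final class LimitExceeded extends IOException {
        LimitExceeded(String what, long limit) { super(what + " exceeded " + limit); }
    }

    /** Copies at most maxBytes from in to out; aborts beyond that instead of trusting the server. */
    public static long copyWithLimit(InputStream in, OutputStream out, long maxBytes) throws IOException {
        byte[] buf = new byte[8192];
        long total = 0;
        int n;
        while ((n = in.read(buf)) != -1) {
            if (total + n > maxBytes) {
                throw new LimitExceeded("download bytes", maxBytes); // caller then closes the SFTP channel
            }
            out.write(buf, 0, n);
            total += n;
        }
        return total;
    }

    /** Stops consuming an ls result after maxEntries (assumes the library exposes entries lazily). */
    public static <T> List<T> listWithLimit(Iterator<T> entries, int maxEntries) throws IOException {
        List<T> out = new ArrayList<>();
        while (entries.hasNext()) {
            if (out.size() >= maxEntries) throw new LimitExceeded("listing entries", maxEntries);
            out.add(entries.next());
        }
        return out;
    }

    // Constructed stand-in for a hostile server: a get stream that never ends.
    static InputStream endlessStream() {
        return new InputStream() { @Override public int read() { return 0x41; } };
    }

    public static void main(String[] args) throws IOException {
        long maxBytes = 10L * 1024 * 1024; // assumed cap; set per the largest legitimate file expected
        try {
            copyWithLimit(endlessStream(), OutputStream.nullOutputStream(), maxBytes);
        } catch (LimitExceeded e) {
            System.out.println("aborted: " + e.getMessage());
        }
    }
}
```

Because the cap is applied while streaming, a legitimate file under the limit is unaffected, and a server that starts misbehaving only after an earlier size check is still cut off at the cap.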