6. Resource Exhaustion & Abuse
MCP servers that call heavy tools like nmap, masscan, or pdfparser can be abused to cause DoS.
Abuse Payload:
{
  "task": "scan",
  "targets": ["10.0.0.0/8"],
  "scan_type": "udp",
  "threads": 50000
}
Impact:
- CPU/memory spike
- Exhaustion of API quotas
- Log flooding or disk fill-up
Mitigation:
- Use a job queue with concurrency caps
- Enforce a timeout and memory limit per execution
- Auto-ban abusive tokens/IPs
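
Added example (not from the original page): a minimal Python gate that applies the three mitigations above to a request shaped like the abuse payload. The limits, function names and strike policy are assumptions chosen for illustration, and the memory cap uses the Unix-only resource module.

```python
import ipaddress, resource, subprocess, threading
from collections import Counter

# Assumed policy values; tune them to the tool and host.
MAX_ADDRESSES, MAX_THREADS = 1024, 64
MAX_CONCURRENT_JOBS, JOB_TIMEOUT_S = 2, 30
JOB_MEMORY_BYTES = 512 * 1024 * 1024
BAN_AFTER_STRIKES = 3

job_slots = threading.BoundedSemaphore(MAX_CONCURRENT_JOBS)  # concurrency cap
strikes = Counter()                                          # per-token abuse count

class Rejected(Exception):
    """Request refused before or during execution."""

def validate(token, req):
    """Reject banned tokens and requests that exceed the size policy."""
    if strikes[token] >= BAN_AFTER_STRIKES:
        raise Rejected("token banned")
    try:
        total = sum(ipaddress.ip_network(t, strict=False).num_addresses
                    for t in req["targets"])
        threads = int(req.get("threads", 1))
    except (KeyError, TypeError, ValueError) as exc:
        strikes[token] += 1
        raise Rejected(f"malformed request: {exc}") from exc
    if total > MAX_ADDRESSES or not 1 <= threads <= MAX_THREADS:
        strikes[token] += 1
        raise Rejected(f"over limit: {total} addresses, {threads} threads")
    return threads

def _limit_memory():
    """Runs in the child before exec: cap its address space (Unix only)."""
    hard = resource.getrlimit(resource.RLIMIT_AS)[1]
    cap = JOB_MEMORY_BYTES if hard == resource.RLIM_INFINITY else min(JOB_MEMORY_BYTES, hard)
    resource.setrlimit(resource.RLIMIT_AS, (cap, cap))

def run_job(token, req, argv, timeout=JOB_TIMEOUT_S):
    """Validate, take a job slot, then run argv with time and memory limits."""
    validate(token, req)
    if not job_slots.acquire(blocking=False):
        raise Rejected("all job slots busy, retry later")
    try:
        return subprocess.run(argv, timeout=timeout, preexec_fn=_limit_memory,
                              capture_output=True, check=False)
    except subprocess.TimeoutExpired as exc:
        strikes[token] += 1
        raise Rejected("job exceeded time limit") from exc
    finally:
        job_slots.release()
```

The server builds argv itself from the validated fields; request values are never passed to a shell.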