[4139] in linux-net channel archive
Re: SYN floods
daemon@ATHENA.MIT.EDU (Racer X)
Thu Aug 22 03:14:59 1996
Date: Thu, 22 Aug 1996 00:19:10 -0400 (EDT)
From: Racer X <shagboy@wspice.com>
Reply-To: shagboy@bluesky.net
To: nelson@crynwr.com
cc: linux-net@vger.rutgers.edu
In-Reply-To: <19960820153018.15995.qmail@ns.crynwr.com>
On 20 Aug 1996 nelson@crynwr.com wrote:
> I don't think you understand. All that needs happen is that, e.g., my
> provider should block all source addresses that it doesn't have a
> destination route to. So for my network, if it doesn't say "from
> 192.203.178.*", it doesn't pass my router. In other words, it should
> prohibit non-symmetric routing.
I can STILL say I come from any IP I want. Your provider will (should)
have a route to the class C I am connected by. I can (at the very least)
say I am coming from any of the 254 possible hosts on that net.
Besides that, how does a backbone router ultimately know "where" a packet
came from? I guess maybe it could check to see which side it comes in,
but that's an awful big table it has to keep in memory. Considering how
often many major routers go down already, I'd really rather do it
myself...
shag
Judd Bourgeois | When we are planning for posterity,
shagboy@bluesky.net | we ought to remember that virtue is
Finger for PGP key | not hereditary. Thomas Paine
