[4196] in linux-net channel archive
Re: SYN floods
daemon@ATHENA.MIT.EDU (Martin Mares)
Tue Aug 27 04:24:56 1996
From: Martin Mares <mj@k332.feld.cvut.cz>
To: linux-net@vger.rutgers.edu
Date: Tue, 27 Aug 1996 10:09:12 +0200 (MET DST)
Hi,
> The problem is twofold: it uses up network bandwidth, just like an
> ICMP (ping) attack, but it also uses up kernel memory. You can turn
> off ICMP temporarily, which at least gives you some outgoing
Shouldn't we also limit the rate of outgoing Echo Reply packets as
we do in the case of ICMP errors? It wouldn't solve the ping attack
problem completely, but the impact would be substantially less.
Martin
