[4400] in linux-net channel archive
Re: SYN spoofing attacks
daemon@ATHENA.MIT.EDU (Marcos Assis Silva)
Sun Sep 15 18:21:23 1996
Date: Sun, 15 Sep 1996 16:31:20 -0300 (EST)
From: Marcos Assis Silva <assis@npd.uel.br>
To: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: linux-net@vger.rutgers.edu, jos@xos.nl
In-Reply-To: <m0v2Gr8-0005FbC@lightning.swansea.linux.org.uk>
On Sun, 15 Sep 1996, Alan Cox wrote:
|o| One more idea to throw into the can for bigger sites would be to look
|o| at modifying the masquerading code so a front end box can sit and
|o| wait for SYN SYN|ACK ACK transitions then pass the connection request through
|o| to the real host and bend the sequence numbers. That way you can have one
|o| box with a lot of RAM that does nothing but hold connections and expire
|o| them appropriately. Such a box could, if designed right, also shield other
|o| non-Linux systems.
|o|
Hi
I'm absolutely NOT sure about this, so no flames please. Just one
idea: wouldn't dropping such idle TCP connections fit like a glove into the
TCP wrappers' role? If not, please tell me about it. Best regards ...
Marcos Assis Silva, Analista de Suporte
assis @ npd.uel.br
UNIVERSIDADE ESTADUAL DE LONDRINA - UEL
Nucleo de Processamento de Dados - NPD
Gerencia de Software Basico - GSB
Parana - Brasil
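The front-end box idea quoted at the top of this message, sketched as an added example (not code from the thread or from the Linux masquerading code): the proxy answers the SYN itself, expires half-open entries, and once the real host has picked its own ISN it rewrites sequence numbers by a fixed offset. All `px_*` names, the timeout and the sample values are assumptions.

```c
#include <stdint.h>
#include <stdio.h>
/* Hypothetical state the front-end box keeps per connection (names assumed). */
enum px_state { PX_FREE, PX_SYN_RCVD, PX_ESTABLISHED };
struct px_conn {
    enum px_state state;
    uint32_t client_isn;  /* ISN from the client's SYN */
    uint32_t proxy_isn;   /* ISN the proxy sent in its own SYN|ACK */
    uint32_t delta;       /* real host's ISN minus proxy_isn, mod 2^32 */
    uint32_t expires;     /* tick at which a half-open entry is dropped */
};
#define PX_SYN_TIMEOUT 10u  /* assumed: ticks to wait for the final ACK */
/* SYN from client: the proxy answers itself; the real host sees nothing yet. */
void px_on_syn(struct px_conn *c, uint32_t client_isn, uint32_t proxy_isn, uint32_t now) {
    c->state = PX_SYN_RCVD;
    c->client_isn = client_isn;
    c->proxy_isn = proxy_isn;
    c->delta = 0;
    c->expires = now + PX_SYN_TIMEOUT;
}
/* Drop a half-open entry whose timer ran out. Returns 1 if it was freed. */
int px_expire(struct px_conn *c, uint32_t now) {
    if (c->state != PX_SYN_RCVD || (int32_t)(now - c->expires) < 0) return 0;
    c->state = PX_FREE;
    return 1;
}
/* Final ACK: returns 1 only if it completes the handshake in time, which is
 * the moment the connection request may be passed to the real host. */
int px_on_ack(struct px_conn *c, uint32_t seq, uint32_t ack, uint32_t now) {
    if (px_expire(c, now) || c->state != PX_SYN_RCVD) return 0;
    return seq == (uint32_t)(c->client_isn + 1u) && ack == (uint32_t)(c->proxy_isn + 1u);
}
/* SYN|ACK from the real host: its ISN differs from ours, so record the offset. */
void px_on_server_synack(struct px_conn *c, uint32_t server_isn) {
    c->delta = server_isn - c->proxy_isn;
    c->state = PX_ESTABLISHED;
}
/* "Bending": host-to-client packets get seq rewritten, client-to-host get ack. */
uint32_t px_seq_to_client(const struct px_conn *c, uint32_t seq) { return seq - c->delta; }
uint32_t px_ack_to_server(const struct px_conn *c, uint32_t ack) { return ack + c->delta; }

int main(void) {
    struct px_conn c;
    px_on_syn(&c, 1000u, 0xFFFFFFF0u, 100u);          /* constructed values */
    if (!px_on_ack(&c, 1001u, 0xFFFFFFF1u, 105u)) return 1;
    px_on_server_synack(&c, 0x10u);
    printf("host seq 0x11 -> client seq 0x%08x\n", (unsigned)px_seq_to_client(&c, 0x11u));
    return 0;
}
```

The sample values are chosen so the offset crosses the 2^32 wrap, which unsigned 32-bit arithmetic handles without special cases.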