[1091] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] inetd and denial-of-service

daemon@ATHENA.MIT.EDU (Paul D. Robertson)
Tue Aug 27 10:09:59 1996

Date: Sun, 25 Aug 1996 08:41:47 -0400 (EDT)
From: "Paul D. Robertson" <proberts@clark.net>
To: infinity <route@infonexus.com>
cc: shagboy@bluesky.net, linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199608221549.IAA15611-RESENT@onyx.infonexus.com>

On Thu, 22 Aug 1996, infinity wrote:

> 	By very defintion of a SYN flood, the source address has to be
> 	forged.

This is simply not true.  There is a particular combination of
the SuperTCP PC stack and Netscape browser, for instance, that will,
given the correct versions, SYN flood the hell out of your web server.

In a malicious attack it would be stupid to SYN flood from your correct IP
address, but it is certainly possible.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts@clark.net      which may have no basis whatsoever in fact."
                                                                     PSB#9280

home help back first fref pref prev next nref lref last post