[1091] in linux-security and linux-alert archive
Re: [linux-security] inetd and denial-of-service
daemon@ATHENA.MIT.EDU (Paul D. Robertson)
Tue Aug 27 10:09:59 1996
Date: Sun, 25 Aug 1996 08:41:47 -0400 (EDT)
From: "Paul D. Robertson" <proberts@clark.net>
To: infinity <route@infonexus.com>
cc: shagboy@bluesky.net, linux-security@tarsier.cv.nrao.edu
In-Reply-To: <199608221549.IAA15611-RESENT@onyx.infonexus.com>
On Thu, 22 Aug 1996, infinity wrote:
> By very defintion of a SYN flood, the source address has to be
> forged.
This is simply not true. There is a particular combination of
the SuperTCP PC stack and Netscape browser, for instance, that will,
given the correct versions, SYN flood the hell out of your web server.
In a malicious attack it would be stupid to SYN flood from your correct IP
address, but it is certainly possible.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
proberts@clark.net which may have no basis whatsoever in fact."
PSB#9280