[4500] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

router syn/syn-ack/ack alarming...

daemon@ATHENA.MIT.EDU (Regis Donovan)
Tue Sep 17 16:33:14 1996

From: Regis Donovan <regisdo@microsoft.com>
To: "'nanog@merit.edu'" <nanog@merit.edu>
Date: Tue, 17 Sep 1996 13:23:35 -0700

um... maybe i'm missing the clue here, but if the router vendors add
something that shuts down an interface if the SYN/SYN-ACK/ACK ratio
becomes too bad make it *easier* for me if i'm doing a denial of service
attack on a host?  

instead of denying service to a given host, all i have to do is drive
the router into alarm mode so it shuts off the interface and then i get
to deny service to an entire segment and everything downstream from that
segment...

here's to better bang for your cracker-kiddie buck...
--regis
>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4500] in North American Network Operators' Group

router syn/syn-ack/ack alarming...

daemon@ATHENA.MIT.EDU (Regis Donovan)Tue Sep 17 16:33:14 1996

daemon@ATHENA.MIT.EDU (Regis Donovan)
Tue Sep 17 16:33:14 1996