[4521] in North American Network Operators' Group
Re: A modest proposal
daemon@ATHENA.MIT.EDU (Michael Dillon)
Tue Sep 17 20:35:23 1996
Date: Tue, 17 Sep 1996 17:21:07 -0700 (PDT)
From: Michael Dillon <michael@memra.com>
To: nanog@merit.edu
In-Reply-To: <199609172353.TAA09201@bifrost.seastrom.com>
On Tue, 17 Sep 1996, Robert E. Seastrom wrote:
> In any event, once again I exhort everyone to not waste their time
> filtering the dialups. Filter your customers, filter your own
> networks; if you incidentally get most of your dialup servers covered
> by that umbrella, fine. If not, don't lose too much sleep over it --
> if you don't believe me, just config up a linux box with the code of
> your choice, and try to SYNflood someone over a dialup.
> Not worth the trouble. The far ends of the earth where not even the
> network admins speak English are on the ends of wet strings; it isn't
> worth the aggreivation to telnet through them, and launching a
> source-routed synflood through them would be self-defeating.
If it only takes 8 SYN packets to lock up a socket for 75 seconds then
effective SYN flood attacks certainly *CAN* be launched from a dialup
connection. And if the definition of an effective attack allows for
intermittently shutting down a socket then effective attacks certainly
*CAN be launched from places like Uruguay, Brazil, Indonesia and so forth.
Michael Dillon - ISP & Internet Consulting
Memra Software Inc. - Fax: +1-604-546-3049
http://www.memra.com - E-mail: michael@memra.com
