[4544] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: A modest proposal

daemon@ATHENA.MIT.EDU (Curtis Villamizar)
Wed Sep 18 02:18:46 1996

To: Michael Dillon <michael@memra.com>
cc: nanog@merit.edu
Reply-To: curtis@ans.net
In-reply-to: Your message of "Tue, 17 Sep 1996 17:21:07 PDT."
             <Pine.BSI.3.93.960917171801.21768H-100000@sidhe.memra.com> 
Date: Wed, 18 Sep 1996 02:14:10 -0400
From: Curtis Villamizar <curtis@ans.net>


In message <Pine.BSI.3.93.960917171801.21768H-100000@sidhe.memra.com>, Michael 
Dillon writes:
> 
> If it only takes 8 SYN packets to lock up a socket for 75 seconds then
> effective SYN flood attacks certainly *CAN* be launched from a dialup
> connection. And if the definition of an effective attack allows for
> intermittently shutting down a socket then effective attacks certainly
> *CAN be launched from places like Uruguay, Brazil, Indonesia and so forth.


If you can't fix this so its closer to 60,000 than 8 you're on the
wrong side of the firewall.  This is where a packet filtering router
doesn't do the trick.

Curtis


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4544] in North American Network Operators' Group

Re: A modest proposal

daemon@ATHENA.MIT.EDU (Curtis Villamizar)Wed Sep 18 02:18:46 1996

daemon@ATHENA.MIT.EDU (Curtis Villamizar)
Wed Sep 18 02:18:46 1996