[4648] in North American Network Operators' Group
Re: New Denial of Service Attack on Panix
daemon@ATHENA.MIT.EDU (Dima Volodin)
Sun Sep 22 10:23:59 1996
To: avg@quake.net (Vadim Antonov)
Date: Sun, 22 Sep 1996 10:15:35 -0400 (EDT)
Cc: michael@memra.com, nanog@merit.edu, iepg@iepg.org
In-Reply-To: <199609211932.MAA00678@quest.quake.net> from "Vadim Antonov" at Sep 21, 96 12:32:45 pm
From: dvv@sprint.net (Dima Volodin)
Having agreed with Vadim's message in its entirety, I want to add some
more - as I see it, SYN-flood attacks are made real by inadequate TCP
implementations on the majority of Internet-connected boxes, i.e. these
said boxes just cannot keep up with the rate their network interfaces
supply packets to them. Is it fixable on the host level? My gut feeling
says "most probably, yes." Does it eliminate the need for the measures
outlined by Vadim? Of course, not.
Dima
