[4978] in North American Network Operators' Group
Re: TCP SYN attacks
daemon@ATHENA.MIT.EDU (Dima Volodin)
Thu Oct 3 16:41:49 1996
To: richards@netrex.com (Richard Stiennon)
Date: Thu, 3 Oct 1996 16:32:41 -0400 (EDT)
Cc: rja@cisco.com, nanog@merit.edu, iepg@iepg.org
In-Reply-To: <3.0b28.32.19961003160142.0073c860@trex.netrex.com> from "Richard Stiennon" at Oct 3, 96 04:01:43 pm
From: dvv@sprint.net (Dima Volodin)
Any data on how the firewall itself withstands SYN attacks? How much
resources are needed to cope with a real attack? From what I've read in
their white paper it's just a piece of SYN-processing code that was
duplicated (functionally) in the gateway, so all concerns about resource
usage and speed seem to be still valid.
Dima
Richard Stiennon writes:
>
> Check out the elegant solution just announced by Checkpoint:
>
> http://www.checkpoint.com/fw21/syndefender/syndefender-white.html
>
> This is a firewall solution. I like the psuedo-NAT done to adjust sequence
> number.
> ----------------------------------------------------------------------------
> Richard Stiennon richards@netrex.com
> Director, Business Development http://www.netrex.com
> Netrex, Inc. Voice: 810-352-9643
> Southfield, Michigan Fax: 810-352-2375
> -----------------------------------------------------------------------------
> Providing businesses and organizations with secure Internet solutions.
>
