[4990] in North American Network Operators' Group


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: TCP SYN attacks

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Thu Oct 3 18:41:29 1996

To: Richard Stiennon <richards@netrex.com>
cc: nanog@merit.edu, iepg@iepg.org
In-reply-to: Your message of "Thu, 03 Oct 1996 16:01:43 EDT."
             <3.0b28.32.19961003160142.0073c860@trex.netrex.com> 
Reply-To: perry@piermont.com
Date: Thu, 03 Oct 1996 18:35:46 -0400
From: "Perry E. Metzger" <perry@piermont.com>


Richard Stiennon writes:
> Check out the elegant solution just announced by Checkpoint:
> 
> http://www.checkpoint.com/fw21/syndefender/syndefender-white.html
> 
> This is a firewall solution. I like the psuedo-NAT done to adjust sequence
> number.

I'm not fond of this class of solution. I'll also point out that it
appears that kernel fixes almost completely alleviate the problem.

Perry


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[4990] in North American Network Operators' Group

Re: TCP SYN attacks

daemon@ATHENA.MIT.EDU (Perry E. Metzger)Thu Oct 3 18:41:29 1996

daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Thu Oct 3 18:41:29 1996