[6539] in North American Network Operators' Group
Re: NAP/ISP Saturation WAS: Re: Exchanges that matter...
daemon@ATHENA.MIT.EDU (Tony Li)
Thu Dec 19 17:52:26 1996
Date: Thu, 19 Dec 1996 14:42:39 -0800 (PST)
From: Tony Li <tli@jnx.com>
To: amb@xara.net
CC: david@sparks.net, nanog@merit.edu
In-reply-to: <199612192229.WAA14506@diamond.xara.net> (amb@xara.net)
The fact remains that a ping packet stream a Linux 386SX would barely
notice maxes out a 7010 (far more powerful CPU)
Bzzzt. That's a 30Mhz 68040 you're talking about. You're 386SX is on par
if not ahead. And you might recall that it's handled at process level,
whereas Linux does it at kernel level (or at least other Unixen do).
Rather and obvious DoS attack, and one which even MS were red faced
enough to fix in their NT s/w pretty sharpish.
You can DoS attack anything with echos. Trying to make echo handling "fast
enough" is an untenable problem. So you should simply drop them on the
floor...
Tony
