[3471] in bugtraq

Re: Excellent host SYN-attack fix for BSD hosts

daemon@ATHENA.MIT.EDU (Jeff Weisberg)
Tue Oct 15 23:53:22 1996

Date: 	Tue, 15 Oct 1996 18:33:05 -0400
Reply-To: Jeff Weisberg <jaw@Op.Net>
From: Jeff Weisberg <jaw@Op.Net>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>

Steve Kann <stevek@io360.com> writes:
| 3 days of letting a program rip doesn't seem like much price to pay for
| being able to subvert a packet filter rule.  This is what has scared me
| about this solution from the outset.  Am I missing something, or are we
| setting ourselves up to exchange a DOS condition for something worse?

well, if someone is going to spend a weekend randomly guessing at 32-bit
numbers, there are other attacks they could go for that are not going to
fill someone's screen/logfiles with 100 "verify failed, dropping" every
second (which would (hopefully) be noticed)



        --jeff
