[122] in bugtraq
Re: udp packet storms
daemon@ATHENA.MIT.EDU (smb@research.att.com)
Sun Oct 30 21:23:50 1994
From: smb@research.att.com
To: Peter Wemm <peter@haywire.DIALix.COM>
Cc: avalon@coombs.anu.edu.au (Darren Reed), cellwood@gauss.ELEE.CalPoly.EDU,
newsham@zang.kcc.hawaii.edu, bugtraq@fc.net
Date: Sun, 30 Oct 94 20:08:18 EST
tcp discard allows a "hostile" remote site to pump in a large amount
of traffic into your net, possibly congesting your link to the
internet.
You can't stop someone from sending a lot of traffic your way; they
can always send an infinite number of packets addressed to anything
that's reachable. It doesn't matter if the packet is sensible or not --
if it has your address on it, it will be routed your way. The best
you can manage is to arrange with your provider to filter out anything
you don't want on the Internet side of the comparatively slow link to
your site -- and then the attacker will flood you with something that
will get through that filter.
