[127] in bugtraq
Re: udp packet storms
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Mon Oct 31 11:13:34 1994
To: Peter Wemm <peter@haywire.DIALix.COM>
Cc: bugtraq@fc.net
In-Reply-To: Your message of "Mon, 31 Oct 1994 05:32:01 +0800."
<199410302132.FAA06834@haywire.DIALix.COM>
Reply-To: perry@imsi.com
Date: Mon, 31 Oct 1994 08:13:54 -0500
From: "Perry E. Metzger" <perry@imsi.com>
Peter Wemm says:
> Darren Reed writes:
> > Sorry, I missed out on the reason why we should disable discard.
> > Would you mind explaining it ? I thought it was like it's name sake -
> > a sink hole (blackhole if you like) for packets. Sort of like /dev/null.
>
> tcp discard allows a "hostile" remote site to pump in a large amount
> of traffic into your net, possibly congesting your link to the
> internet.
That can be done without having discard around, you know. I can simply
spray you with UDP datagrams on any port whether you accept them or
not -- routers are not psychic, you know. They pass on the traffic
regardless unless they are rigged to filter -- and usually they aren't.
Perry
