[2326] in bugtraq
Re: denial of service attack possible
daemon@ATHENA.MIT.EDU (Darren Reed)
Wed Nov 1 13:15:51 1995
Date: Sun, 29 Oct 1995 17:50:22 +1100
Reply-To: Bugtraq List <BUGTRAQ@CRIMELAB.COM>
From: Darren Reed <avalon@coombs.anu.edu.au>
X-To: BUGTRAQ@CRIMELAB.COM
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@CRIMELAB.COM>
In-Reply-To: <199510272019.NAA27175@statler.csc.calpoly.edu> from "Nathan
Lawson" at Oct 27, 95 01:19:02 pm
In some mail from Nathan Lawson, sie said:
[...]
> This doesn't address direct d.o.s. attacks, though. I think that Solaris's
> tcp_eager_listeners option could be used to allow your application to process
> connection requests before the complete 3-way handshake. Other than that,
> it's up to you whether you want to violate RFC's and perhaps break other things
> by dropping connection requests from the queue faster or limiting the number
> of requests from one machine.
I think that Linux also implements TCP in a similar way - I've seen and made
inetd on linux return half open connections that were closed before anything
got to run (tcp wrappers, etc). Looks very strange in logs.
darren
