NAP/ISP Saturation WAS: Re: Exchanges that matter...
Tony Li
tli at jnx.com
Thu Dec 19 22:42:39 UTC 1996
The fact remains that a ping packet stream a Linux 386SX would barely
notice maxes out a 7010 (far more powerful CPU)
Bzzzt. That's a 30Mhz 68040 you're talking about. You're 386SX is on par
if not ahead. And you might recall that it's handled at process level,
whereas Linux does it at kernel level (or at least other Unixen do).
Rather and obvious DoS attack, and one which even MS were red faced
enough to fix in their NT s/w pretty sharpish.
You can DoS attack anything with echos. Trying to make echo handling "fast
enough" is an untenable problem. So you should simply drop them on the
floor...
Tony
More information about the NANOG
mailing list