New Denial of Service Attack on Panix

• Previous message (by thread): New Denial of Service Attack on Panix
• Next message (by thread): New Denial of Service Attack on Panix
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

> I agree completely, but neither one is a panacea.

Actually, after the details of Random Drop is worked out
including the proper queue size and the drop algorithm
we have gone a long way to protecting servers from
TCP SYN attacks.

I have the beginnings of Random Drop working now based
on Alan->Vernnon->Morris; and have been working on
'how to fire hose' the interface and make it work,
with kernel print statements in every junction
and reboot after reboot after kernel build, etc. 
ad you-know-what.

The TCP fix and possibly and ICMP fix (and more work on
kernel hackers part) will, I can safely predict, the
faster short term solution than trying to coordinate
the world into doing filters.

Random Drop, is not a panacea, as you say Paul, but it
is a very big, big step in the right direction and
I predict that within 30 days and at the latest 60
days (because people are busy) that the SYN attack
much less 'troublesome'.

Tim

• Previous message (by thread): New Denial of Service Attack on Panix
• Next message (by thread): New Denial of Service Attack on Panix
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]