TCP SYN attacks - a simple solution
Avi Freedman
freedman at netaxs.com
Mon Oct 7 00:11:21 UTC 1996
> I'm going to implement this, using boring old md5, and give it a try,
> but I was wondering if there are any thoughts about this as a solution?
> Any obvious holes I missed.
>
> Rex di Bona.
Using md5, it seems to be working just fine (when it works and doesn't
crash :)).
Code for starters can be found at ftp.op.net:/pub/src/synprophylactica,
I believe.
One thing: You must STORE the MSS as part of the iss, or a table of common
MSS values. Initial data and window args you seem to be able to ditch without
effect.
Avi
More information about the NANOG
mailing list