SYN floods continue
Joseph T. Klein
jtk at nap.net
Wed Sep 11 16:04:18 UTC 1996
>
>
> I don't know, but since nobody else seems to either, how about a
> router box that detects excessive SYN activity and then automatically
> blocks that ip address for awhile? I suppose it just means that
> the attacker has to vary the source address rapidly.
>
> > Anyway. Point is this: We can't take too much more of this, nor can our
> > customers. I have yet to hear *anyone* come up with any ideas even remotely
> > reasonable for how to deal with this situation, long term, except for the
>
>
If they modulate the phasers we just need to modulate the sheilds. :-O
If someone comes up with a good solution we will be glad to impliment it.
--
/*Joseph T. Klein * Keep Cool, but Don't Freeze
* NAP.NET, LLC *
* phone +1 414 747-8747 * - Hellman's Mayonnaise
* http://www.nap.net */
More information about the NANOG
mailing list