New Denial of Service Attack on Panix

Avi Freedman freedman at netaxs.com
Tue Sep 17 00:53:57 UTC 1996


> Have a look at the firewalls mailing list archive for more info
> http://www.greatcircle.com/firewalls/archive/firewalls.9609.Z
> 
> There are at least three things you can do to protect yourself from such
> attacks. One is to patch your UNIX/BSD kernel to allow much higher numbers
> of incomplete socket connections. One is to have another machine or your
> network issue RST's for sockets that it thinks are part of the SYN flood

I like this.  

> attack. And one is to install a SYN proxy machine between your net and the
> Internet which catches all SYN packets and holds them until an ACK is
> received at which point the SYN and the ACK are passed on to your network. 

I like this even more, but the potential for disaster if the box goes down
is just too huge...

> Such a proxy can be built to handle HUGE numbers of incomplete connections.
> 
> Michael Dillon                   -               ISP & Internet Consulting

Avi
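The two mitigations quoted above, a larger half-open backlog on the host and a SYN proxy that only hands a connection to the protected host once the client's ACK has arrived, can be illustrated with a small model. The following is an added example, not code from Avi's or Michael's messages; it is an in-memory simulation with constructed connection identifiers (the `10.0.x.y` and `192.0.2.x` addresses, the backlog and capacity numbers are all assumed values), and it sends no packets.

```python
"""Toy model of two SYN-flood mitigations from the thread: a larger
half-open backlog on the host, and a SYN proxy that holds SYNs itself
and only replays the handshake to the host after the client's ACK.
Purely in-memory; connection identifiers below are constructed."""
from collections import OrderedDict


class Backend:
    """Protected host: a bounded table of half-open (SYN received, no ACK yet) connections."""

    def __init__(self, backlog_limit):
        self.backlog_limit = backlog_limit
        self.half_open = set()
        self.established = set()
        self.dropped = 0          # SYNs refused because the backlog was full

    def on_syn(self, conn):
        if len(self.half_open) >= self.backlog_limit:
            self.dropped += 1     # this is what the flood victim sees: new SYNs refused
            return False
        self.half_open.add(conn)
        return True

    def on_ack(self, conn):
        if conn not in self.half_open:
            return False
        self.half_open.remove(conn)
        self.established.add(conn)
        return True


class SynProxy:
    """Sits in front of the backend; the backend only sees handshakes that completed."""

    def __init__(self, backend, max_pending):
        self.backend = backend
        self.pending = OrderedDict()   # conn -> True, insertion-ordered so we can evict the oldest
        self.max_pending = max_pending
        self.evicted = 0

    def on_syn(self, conn):
        if len(self.pending) >= self.max_pending:
            self.pending.popitem(last=False)   # table full: drop the oldest half-open entry
            self.evicted += 1
        self.pending[conn] = True
        return True

    def on_ack(self, conn):
        if conn not in self.pending:
            return False
        del self.pending[conn]
        # Replay the now-complete handshake (SYN, then ACK) to the backend
        return self.backend.on_syn(conn) and self.backend.on_ack(conn)


def simulate(flood_syns=500, legit_clients=10, backlog_limit=128,
             use_proxy=False, proxy_capacity=100_000):
    """Run a flood of SYNs that never get an ACK, then a few real clients, and report."""
    backend = Backend(backlog_limit)
    front = SynProxy(backend, proxy_capacity) if use_proxy else backend
    # Constructed spoofed sources that never complete the handshake
    for i in range(flood_syns):
        front.on_syn(("10.0.%d.%d" % (i // 256, i % 256), 40000 + i))
    # Constructed legitimate clients: SYN followed by ACK
    for i in range(legit_clients):
        conn = ("192.0.2.%d" % (i + 1), 50000 + i)
        front.on_syn(conn)
        front.on_ack(conn)
    return {
        "established": len(backend.established),
        "backend_half_open": len(backend.half_open),
        "backend_dropped": backend.dropped,
        "proxy_pending": len(front.pending) if use_proxy else 0,
    }


if __name__ == "__main__":
    print("no mitigation:   ", simulate())
    print("bigger backlog:  ", simulate(backlog_limit=1024))
    print("SYN proxy:       ", simulate(use_proxy=True))
```

With the default numbers the unprotected host's 128-entry backlog fills with spoofed half-open entries and every legitimate SYN is refused; raising the backlog above the flood size lets the real clients through, and the proxy variant leaves the host with zero half-open entries because it only ever sees completed handshakes. The model also makes Avi's objection visible: with `use_proxy=True` every connection passes through the proxy object, so if that box fails nothing reaches the host at all.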