New Denial of Service Attack on Panix

• Previous message (by thread): New Denial of Service Attack on Panix
• Next message (by thread): New Denial of Service Attack on Panix:
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is the excellent idea!  Actually, router vendors may simply
add a feature which shuts down the interface if SYN/SYN-ACK balance
is too bad -- thus disconnecting the hacker-to-be.

Of course, that balance may be decaying with time, so repeated
unsuccessful attempts to connect won't trigger alarms.

--vadim

Forrest W. Christian <forrestc at iMach.com> wrote:

Maybe I'm missing something here, but wouldn't these Denial of Service 
attacks cause a severe mismatch in the numbers of SYNs and SYN-ACKs on a 
given router interface?

If so, then couldn't we just sweet-talk cisco into providing 5 minute 
counts of syns and syn-acks on an interface?

• Previous message (by thread): New Denial of Service Attack on Panix
• Next message (by thread): New Denial of Service Attack on Panix:
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]