New Denial of Service Attack on Panix

Curtis Villamizar curtis at ans.net
Wed Sep 18 00:52:17 UTC 1996


In message <v03007814ae643a8d0173@[198.68.110.3]>, "Erik E. Fair" writes:
> Your suggestion has two flaws:
> 
> 1. missed SYN ACKs due to asymmetric routing.

On the order of 1,000 pps worth?

> 2. missed SYN ACKs due to diode routes.

Again.  On the order of 1,000 pps worth?

Remember that a corrected kernel needs on the order of 1,000 pps on
SYNs to have an effect (much more if the timer is dropped from 75
seconds).  With the hashed PCBs the host doesn't even slow down all
that much either.

OTOH if the attacked host has a listen queue of 8 or something real
small, it only takes one packet every 8 seconds or so to keep the
queue full with a 75 second timer.

Curtis




