New Denial of Service Attack on Panix

Dima Volodin dvv at sprint.net
Sun Sep 22 14:15:35 UTC 1996


Having agreed with Vadim's message in its entirety, I want to add some
more - as I see it, SYN-flood attacks are made real by inadequate TCP
implementations on the majority of Internet-connected boxes, i.e. these
said boxes just cannot keep up with the rate their network interfaces
supply packets to them. Is it fixable on the host level? My gut feeling
says "most probably, yes." Does it eliminate the need for the measures
outlined by Vadim? Of course, not.


Dima





More information about the NANOG mailing list