tcp,guardent,bellovin
Valdis.Kletnieks at vt.edu
Valdis.Kletnieks at vt.edu
Mon Mar 12 23:49:39 UTC 2001
On Mon, 12 Mar 2001 18:09:32 EST, "Richard A. Steenbergen" said:
> And since the "victim" will have the current sequence number for inbound
> data, what would keep it from (correctly) sending an RST and tearing down
> this false connection?
And THAT my friends, was the *original* purpose for a TCP SYN flood - it
wasn't to DOS the victim, it was to DOS a machine *trusted by* the victim
so you could forge a connection and NOT get nailed by an RST.
I'm sure that Steve Bellovin can point us at the original discussion
of this, which was *ages* ago. I remember hearing that Kevin Mitnick
used that (in addition to other tricks) against Shimomura's machines
and thinking "Hmm.. so it's *not* just a theoretical attack anymore..."
--
Valdis Kletnieks
Operating Systems Analyst
Virginia Tech
More information about the NANOG
mailing list