TCP receive window set to 0; DoS or not?
nanog at shankland.org
Sat Sep 9 00:55:59 UTC 2006
Travis Hassloch <travis.hassloch at rackspace.com> writes:
> The part where it becomes a DoS is when they tie up all the listeners
> on a socket (e.g. apache), and nothing happens for several minutes until
> their connections time out. Whether intentional or not, it does have
> a negative effect.
Ah, that makes sense. I was assuming a deliberate attack, which is
not actually implicit in the term "DoS". A deliberate denial of
service is not made easier by shrinking the window. But an implementation
that advertises a 0 window in lieu of sending FIN or RST can certainly
deny service inadvertently by tying up resources that should have been
More information about the NANOG