Bugtraq mailing list archives
Re: Excellent host SYN-attack fix for BSD hosts
From: mycroft () mit edu (Charles M. Hannum)
Date: Sun, 13 Oct 1996 18:33:06 -0400
Avi Freedman <freedman () netaxs com> writes:
No state is kept locally; when a SYN is received, an ISS is generated that contains a few bits for reference into a table of MSS values; window size and any initial data is discarded; and the rest of the ISS is the MD5 output of a 32-byte secret and all of the interesting header info.
This doesn't seem to deal with window scaling, which is a big lose on high-bandwidth networks. It also breaks TCP's algorithm for recognizing stale data.
Current thread:
- Re: Excellent host SYN-attack fix for BSD hosts Scriptors of DOOM (Oct 11)
- <Possible follow-ups>
- Re: Excellent host SYN-attack fix for BSD hosts Mark Graff (Oct 11)
- Poorly setup news servers Alan Brown (Oct 12)
- HPUX PPP Bug - bugger.ppl Aleph One (Oct 12)
- Re: Poorly setup news servers Bryan Reece (Oct 12)
- Re: Excellent host SYN-attack fix for BSD hosts Avi Freedman (Oct 12)
- Poorly setup news servers Alan Brown (Oct 12)
- Re: Excellent host SYN-attack fix for BSD hosts Charles M. Hannum (Oct 13)
- Re: Excellent host SYN-attack fix for BSD hosts Casper Dik (Oct 14)
- Re: Excellent host SYN-attack fix for BSD hosts Granville Moore (Oct 14)
- Re: Excellent host SYN-attack fix for BSD hosts Vern Paxson (Oct 14)
- Re: Excellent host SYN-attack fix for BSD hosts Jeff Weisberg (Oct 14)
- Re: Excellent host SYN-attack fix for BSD hosts Alan Cox (Oct 15)
- Re: Excellent host SYN-attack fix for BSD hosts Darren Reed (Oct 15)
- ftpd bug? Was: bin/1805: Bug in ftpd James Poland 6-5251 (Oct 15)
- Re: Excellent host SYN-attack fix for BSD hosts Jeff Weisberg (Oct 14)
- Re: Excellent host SYN-attack fix for BSD hosts Steve Kann (Oct 15)
- Re: Excellent host SYN-attack fix for BSD hosts Jeff Weisberg (Oct 15)
(Thread continues...)