Bugtraq mailing list archives
Re: Excellent host SYN-attack fix for BSD hosts
From: vern () ee lbl gov (Vern Paxson)
Date: Wed, 16 Oct 1996 10:48:14 PDT
It will not necessarily break T/TCP. T/TCP is supposed to be compatible w/ TCP and I think you can pretend that you only ack'ed the SYN rather than the data + FIN that come with T/TCP in the same packet.
Right. Doing so loses the quick-start capability of T/TCP, but if you only do it when the queue is near full, this isn't much of a lose.
So T/TCP is only benificial of reply & response fit in 500 or so bytes, such transactions are a-typical, even for HTTP for which T/TCP was originally developed (most replies are much longer)
The main benefit comes with speeding up the *request*. These are quite small. Looking at yesterday's logs in & out of LBL, out of 272,219 requests, 92% were <= 512 bytes. Furthermore, a T/TCP implementation can cache the MSS previously used and if it's larger (not uncommon anymore) it can use that. (The median HTTP reply, by the way, was 2.5 KB.) Vern
Current thread:
- Re: Excellent host SYN-attack fix for BSD hosts, (continued)
- Re: Excellent host SYN-attack fix for BSD hosts Granville Moore (Oct 14)
- Re: Excellent host SYN-attack fix for BSD hosts Vern Paxson (Oct 14)
- Re: Excellent host SYN-attack fix for BSD hosts Jeff Weisberg (Oct 14)
- Re: Excellent host SYN-attack fix for BSD hosts Alan Cox (Oct 15)
- Re: Excellent host SYN-attack fix for BSD hosts Darren Reed (Oct 15)
- ftpd bug? Was: bin/1805: Bug in ftpd James Poland 6-5251 (Oct 15)
- Re: Excellent host SYN-attack fix for BSD hosts Jeff Weisberg (Oct 14)
- Re: Excellent host SYN-attack fix for BSD hosts Steve Kann (Oct 15)
- Re: Excellent host SYN-attack fix for BSD hosts Jeff Weisberg (Oct 15)
- Re: Excellent host SYN-attack fix for BSD hosts D. J. Bernstein (Oct 15)
- Re: Excellent host SYN-attack fix for BSD hosts Vern Paxson (Oct 16)