nanog mailing list archives
Re: TCP SYN attacks - a simple solution
From: Avi Freedman <freedman () netaxs com>
Date: Sun, 6 Oct 1996 20:11:21 -0400 (EDT)
I'm going to implement this, using boring old md5, and give it a try, but I was wondering if there are any thoughts about this as a solution? Any obvious holes I missed. Rex di Bona.
Using md5, it seems to be working just fine (when it works and doesn't crash :)). Code for starters can be found at ftp.op.net:/pub/src/synprophylactica, I believe. One thing: You must STORE the MSS as part of the iss, or a table of common MSS values. Initial data and window args you seem to be able to ditch without effect. Avi - - - - - - - - - - - - - - - - -
Current thread:
- TCP SYN attacks - a simple solution Rex di Bona (Oct 06)
- Re: TCP SYN attacks - a simple solution Avi Freedman (Oct 06)
- <Possible follow-ups>
- Re: TCP SYN attacks - a simple solution Matthew Kaufman (Oct 06)
- Re: TCP SYN attacks - a simple solution Avi Freedman (Oct 06)
- Re: TCP SYN attacks - a simple solution Mike O'Dell (Oct 06)
- Re: TCP SYN attacks - a simple solution Tim Bass (Oct 06)
- Re: TCP SYN attacks - a simple solution Perry E. Metzger (Oct 06)
- Re: TCP SYN attacks - a simple solution Tim Bass (Oct 06)
- Re: TCP SYN attacks - a simple solution Jeff Weisberg (Oct 07)
- Re: TCP SYN attacks - a simple solution Avi Freedman (Oct 07)
- Re: TCP SYN attacks - a simple solution Jeff Weisberg (Oct 07)