nanog mailing list archives
Re: New Denial of Service Attack on Panix
From: Jeff Weisberg <jaw () Op Net>
Date: Thu, 3 Oct 1996 17:48:20 -0400
Avi writes:
| > But of course. The problem is that SYN_RCVD is a transient state in the
| > TCP automaton, and it requires some resources allocation. The life
| > might have been a little bit different if servers weren't forced
| > to track this state. Something like a signed ticket accompanying the
| > second SYN and the following ACK.
| >
| > Dima
|
| That's the idea of making the iss a ticket that includes mss info and
| a hash of the other info plus a security ticket.
|
| I had hoped to work on that but it looks like someone else local is almost
| done and claims that ignoring window size and any data with the SYN(s)
| is harmless...

"someone else local" :-) has thrown the initial implementation up on his ftp
server; sun3 & sun4 .o's and a back-port to Net/2 src code (note though, I have
not tested the Net/2 port):

    ftp.op.net:/pub/src/syn-prophylactica/

I have been able to withstand a ~600+ syn/sec attack with no noticeable
problems (slightly increased load, but no dropped connections).

--jeff
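The "iss as a ticket" idea discussed in this message, sketched as an added example; it is not the code from ftp.op.net and not part of the original post. The bit layout, MSS table, slot length, key and function names are all assumptions chosen for illustration.

```python
import hashlib, hmac, socket, struct

SECRET = b"constructed-demo-key"     # assumption: random per-boot key in a real stack
MSS_TABLE = [536, 1024, 1440, 1460]  # assumption: 2-bit index of supported MSS values
SLOT = 64                            # assumption: seconds per ticket time slot

def _mac(src, sport, dst, dport, client_isn, slot, mss_idx):
    """24-bit keyed hash binding the ticket to the connection, time slot and MSS."""
    msg = struct.pack("!4sH4sHIIB", src, sport, dst, dport, client_isn, slot, mss_idx)
    return hmac.new(SECRET, msg, hashlib.sha256).digest()[:3]

def make_iss(src, sport, dst, dport, client_isn, client_mss, now):
    """Build the ISS for the SYN+ACK; the server keeps no SYN_RCVD state."""
    slot = int(now) // SLOT
    # Round the client's MSS down to a table entry; window size is not carried.
    mss_idx = max((i for i, m in enumerate(MSS_TABLE) if m <= client_mss), default=0)
    mac = _mac(src, sport, dst, dport, client_isn, slot, mss_idx)
    # Assumed layout: 6 bits of slot | 2 bits of MSS index | 24 bits of MAC
    return ((slot & 0x3F) << 26) | (mss_idx << 24) | int.from_bytes(mac, "big")

def check_ack(src, sport, dst, dport, seq, ack, now):
    """Validate the handshake-completing ACK; return the recovered MSS or None."""
    client_isn = (seq - 1) & 0xFFFFFFFF   # the ACK carries client ISN + 1
    iss = (ack - 1) & 0xFFFFFFFF          # and acknowledges our ISS + 1
    slot_bits, mss_idx = iss >> 26, (iss >> 24) & 0x3
    mac = (iss & 0xFFFFFF).to_bytes(3, "big")
    current = int(now) // SLOT
    for slot in (current, current - 1):   # accept this slot and the previous one
        if slot < 0 or (slot & 0x3F) != slot_bits:
            continue
        expected = _mac(src, sport, dst, dport, client_isn, slot, mss_idx)
        if hmac.compare_digest(mac, expected):
            return MSS_TABLE[mss_idx]     # only now allocate connection state
    return None

if __name__ == "__main__":
    # Constructed sample addresses (documentation ranges) and sequence numbers.
    client, server = socket.inet_aton("192.0.2.10"), socket.inet_aton("198.51.100.1")
    iss = make_iss(client, 40000, server, 80, 1000, 1460, now=1000)
    print(check_ack(client, 40000, server, 80, 1001, iss + 1, now=1010))  # valid ACK
    print(check_ack(client, 40000, server, 80, 1001, iss + 1, now=1200))  # expired
```

With only 24 bits of MAC, a blind ACK has roughly a 1 in 16 million chance per attempt of being accepted, which is the trade-off for holding no per-SYN state.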