nanog mailing list archives
Re: SYN floods (was: does history repeat itself?)
From: "Mr. Jeremy Hall" <jhall () rex isdn net>
Date: Sat, 14 Sep 1996 15:52:53 -0500 (CDT)
-->> Traffic is already slow enough when a router is unstable because it may
-->> not know how to get to the destination, but if you throw in the
-->> requirement that it has to know how to get to the source as well, didn't
-->> you just help the hacker by shutting down service for lots of people?
-->How? I can't understand how this helps the hackers.
-->
-->Though you are right in case of Universities (and it's not secret just universities
-->are the motherland of the hackers -:)).
-->---

In order for your idea to work, the router where you're doing the filtering must know how to get to all destinations on the Internet, must not have a default network or route, and they must be symmetrical.

As far as your other statement, when an instability occurs, all traffic starts getting slow because the routers are trying to reroute around a flapping t3 or whatever caused the outage. Since the whole point around a denial of service attack is to deny service, by adding in the fact that we need to know how to get to the source address before we forward the packet introduces more problems. I think you would find this hurts more than it helps.

Even if you limit this kind of lookup to when the packet happens to be a TCP packet with the syn option, you still have a problem in establishing a connection. This creates frustration on the part of the end user.

--
-------------------------------------------
| Jeremy Hall            Network Engineer |
| ISDN-Net, Inc    Office +1-615-371-1625 |
| Nashville, TN and the southeast USA     |
| jhall () isdn net Pager +1-615-702-0750 |
-------------------------------------------
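The three conditions named in this message (a route to every source, no default route, symmetric paths), worked through on a toy forwarding table. This is an added example, not part of the original post; the function names, interface names and prefixes are constructed for illustration.

```python
import ipaddress

def make_fib(routes):
    """Build a forwarding table from (prefix, interface) pairs."""
    return [(ipaddress.ip_network(p), ifc) for p, ifc in routes]

def lookup(fib, addr):
    """Longest-prefix match: interface used to reach addr, or None."""
    ip = ipaddress.ip_address(addr)
    matches = [(net, ifc) for net, ifc in fib if ip in net]
    if not matches:
        return None
    return max(matches, key=lambda m: m[0].prefixlen)[1]

def source_check(fib, src, in_if):
    """Forward only if the route back to src leaves via the arrival interface."""
    out_if = lookup(fib, src)
    if out_if is None:
        return "drop: no route to source"
    if out_if != in_if:
        return "drop: route to source uses " + out_if
    return "forward"

# Constructed tables using documentation prefixes.
FULL = make_fib([("192.0.2.0/24", "if0"), ("198.51.100.0/24", "if1")])
# Same router after the route to 198.51.100.0/24 is withdrawn during a flap.
DURING_FLAP = make_fib([("192.0.2.0/24", "if0")])
# Router that carries a default route instead of full routes.
WITH_DEFAULT = make_fib([("192.0.2.0/24", "if0"), ("0.0.0.0/0", "if1")])

def scenarios():
    """Run the same check under each condition the message names."""
    return {
        # Route to the source points back out the arrival interface.
        "symmetric, full table": source_check(FULL, "198.51.100.7", "if1"),
        # Legitimate packet arrives on a different link than the return route.
        "asymmetric path": source_check(FULL, "198.51.100.7", "if0"),
        # Legitimate packet arrives while its source prefix is unreachable.
        "route withdrawn": source_check(DURING_FLAP, "198.51.100.7", "if1"),
        # Any source matches 0.0.0.0/0, so the check filters nothing on if1.
        "default route, unknown source": source_check(WITH_DEFAULT, "203.0.113.9", "if1"),
    }

if __name__ == "__main__":
    for name, verdict in scenarios().items():
        print(f"{name:32} {verdict}")
```
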