nanog mailing list archives
Re: New Denial of Service Attack on Panix
From: "Erik E. Fair" (Time Keeper) <fair () clock org>
Date: Tue, 17 Sep 1996 04:30:40 -0700
Your suggestion has two flaws: 1. missed SYN ACKs due to asymmetric routing. 2. missed SYN ACKs due to diode routes. One could argue, of course, that notification of this condition (without speculating on whether the condition is any of an asymmetric route, a diode route, or a SYN attack) might be worthwhile... I'm gonna have to go digging in my archives for the messages I sent to the CERT and the IETF about this potential problem after it happened to me at Apple, three years ago, due to a diode route. I publically recommended to the IETF mailing list that the edges of the network be filtered, and I privately recommended to the CERT that they begin flogging the systems vendors for robustness in the face of precisely this denial of service attack in their hosts. You can imagine the incredible levels of enthusiastic "can do" attitude I got... Erik Fair - - - - - - - - - - - - - - - - -
Current thread:
- Re: New Denial of Service Attack on Panix, (continued)
- Re: New Denial of Service Attack on Panix Paul A Vixie (Sep 16)
- Re: New Denial of Service Attack on Panix Matt Ranney (Sep 16)
- Re: New Denial of Service Attack on Panix Mark A. Fullmer (Sep 16)
- Re: New Denial of Service Attack on Panix Craig A. Huegen (Sep 16)
- Re: New Denial of Service Attack on Panix Paul A Vixie (Sep 16)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Sep 16)
- Re: New Denial of Service Attack on Panix Craig A. Huegen (Sep 16)
- Re: New Denial of Service Attack on Panix Jonathan Heiliger (Sep 17)
- Re: New Denial of Service Attack on Panix Forrest W. Christian (Sep 17)
- Re: New Denial of Service Attack on Panix Avi Freedman (Sep 17)
- Re: New Denial of Service Attack on Panix Erik E. Fair (Sep 17)
- Re: New Denial of Service Attack on Panix Curtis Villamizar (Sep 17)
- Re: New Denial of Service Attack on Panix Forrest W. Christian (Sep 17)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Sep 17)
- Re: New Denial of Service Attack on Panix Curtis Villamizar (Sep 17)
- Re: New Denial of Service Attack on Panix Perry E. Metzger (Sep 16)
- Re: New Denial of Service Attack on Panix Michael Dillon (Sep 16)
- Re: New Denial of Service Attack on Panix Rashid Karimov (Sep 17)
- Re: New Denial of Service Attack on Panix Christopher Blizzard (Sep 17)
- Re: New Denial of Service Attack on Panix Tim Bass (Sep 16)
- Re: New Denial of Service Attack on Panix Craig A. Huegen (Sep 16)