nanog mailing list archives
Re: New Denial of Service Attack on Panix
From: dvv () sprint net (Dima Volodin)
Date: Wed, 2 Oct 1996 17:32:52 -0400 (EDT)
Tim Bass writes:
[...] Because, it seems to me, since the way to exploit TCP is to use bogus, unreachable IP sources, why not use this fact to let the kernal just filter itself under certain flooding conditions? Please let me know why this will not work. Thanks,
It will, except that a slight modification of the attack (using IP addresses that _don't_ produce ICMP_UNREACH) will get us back to square one. Anyway, filtering packets with SRC addresses known to generate ICMP_UNREACH at the earliest possible stage might be a good idea.
Tim
Dima - - - - - - - - - - - - - - - - -
Current thread:
- Re: New Denial of Service Attack on Panix Tim Bass (Oct 02)
- Re: New Denial of Service Attack on Panix Tim Bass (Oct 02)
- Re: New Denial of Service Attack on Panix Dima Volodin (Oct 02)
- Re: New Denial of Service Attack on Panix Tim Bass (Oct 02)
- Re: New Denial of Service Attack on Panix Dima Volodin (Oct 02)
- Re: New Denial of Service Attack on Panix Tim Bass (Oct 02)
- Re: New Denial of Service Attack on Panix Dima Volodin (Oct 02)
- Uh...excuse me...? Carl Payne (Oct 02)
- Re: New Denial of Service Attack on Panix Tim Bass (Oct 02)
- Re: New Denial of Service Attack on Panix Tim Bass (Oct 02)
- Re: New Denial of Service Attack on Panix\ Avi Freedman (Oct 02)
- Re: New Denial of Service Attack on Panix\ Tim Bass (Oct 03)
- Re: New Denial of Service Attack on Panix\ Tim Bass (Oct 03)
- Re: New Denial of Service Attack on Panix\ Matt Zimmerman (Oct 03)