nanog mailing list archives
Re: TCP SYN attacks
From: Tom Perrine <tep () SDSC EDU>
Date: Thu, 3 Oct 96 14:13:26 PDT
The moving finger of Dima Volodin, having written:
Dima> Any data on how the firewall itself withstands SYN attacks? How much Dima> resources are needed to cope with a real attack? From what I've read in Dima> their white paper it's just a piece of SYN-processing code that was Dima> duplicated (functionally) in the gateway, so all concerns about resource Dima> usage and speed seem to be still valid. Dima> Dima I agree. It seems to me that placing this processing in the firewall is *potentially* dangerous, as now a SYN-flooding attack (*IF* *successful*) will deny service to everything behind the firewall, instead of just the targeted host. If I know I can fire-hose your firewall, and take your *site* off the net, then it might become more attractive to me to "find" sufficient CPU and bandwidth resources to generate enough packets to take you out. This could "raise the stakes" enough to make it worth it to an attacker. -- Tom E. Perrine (tep () SDSC EDU) | San Diego Supercomputer Center http://www.sdsc.edu/~tep/ | Voice: +1.619.534.5000 "Ille Albus Canne Vinco Homines" - You Know Who - - - - - - - - - - - - - - - - -
Current thread:
- Re: TCP SYN attacks Richard Stiennon (Oct 03)
- Re: TCP SYN attacks Dima Volodin (Oct 03)
- Re: TCP SYN attacks Tom Perrine (Oct 03)
- Re: TCP SYN attacks Avi Freedman (Oct 03)
- Re: TCP SYN attacks Dima Volodin (Oct 04)
- Re: TCP SYN attacks Avi Freedman (Oct 04)
- Re: TCP SYN attacks Tim Bass (Oct 04)
- Re: TCP SYN attacks Dima Volodin (Oct 04)
- Re: TCP SYN attacks Tom Perrine (Oct 03)
- Re: TCP SYN attacks Dima Volodin (Oct 03)
- Re: TCP SYN attacks Alexis Rosen (Oct 03)
- <Possible follow-ups>
- RE: TCP SYN attacks Ted Linnenkamp (Oct 04)
- Re: TCP SYN attacks Avi Freedman (Oct 04)