nanog mailing list archives
Re: SYN floods continue
From: Avi Freedman <freedman () netaxs com>
Date: Wed, 11 Sep 1996 13:11:03 -0400 (EDT)
I don't know, but since nobody else seems to either, how about a router box that detects excessive SYN activity and then automatically blocks that ip address for awhile? I suppose it just means that the attacker has to vary the source address rapidly.If they modulate the phasers we just need to modulate the sheilds. :-O If someone comes up with a good solution we will be glad to impliment it. -- /*Joseph T. Klein * Keep Cool, but Don't Freeze * NAP.NET, LLC * * phone +1 414 747-8747 * - Hellman's Mayonnaise * http://www.nap.net */
Well, it's a good analogy (modulating the phasers). But they're *randomizing* the phasers... Avi - - - - - - - - - - - - - - - - -
Current thread:
- SYN floods continue Alexis Rosen (Sep 11)
- Re: SYN floods continue Robert Bowman (Sep 11)
- Re: SYN floods continue Jon Zeeff (Sep 11)
- Re: SYN floods continue Joseph T. Klein (Sep 11)
- Re: SYN floods continue Avi Freedman (Sep 11)
- Re: SYN floods continue alex (Sep 11)
- Re: SYN floods continue Larry J. Plato (Sep 11)
- Re: SYN floods continue Joseph T. Klein (Sep 11)
- Re: SYN floods continue Michael Dillon (Sep 11)
- Re: SYN floods continueg Avi Freedman (Sep 11)
- Re: SYN floods continue Steven L. Johnson (Sep 11)
- Re: SYN floods continueh Avi Freedman (Sep 12)
- <Possible follow-ups>
- Re: SYN floods continue Sean Donelan (Sep 11)
- Re[2]: SYN floods continue Pat Calhoun (Sep 11)
- Re: SYN floods continue Vadim Antonov (Sep 11)
- Re: SYN floods continue Justin W. Newton (Sep 11)
(Thread continues...)