Re: A modest proposal

[Michael Dillon <michael () memra com>]

On Tue, 17 Sep 1996, Robert E. Seastrom wrote:

> In any event, once again I exhort everyone to not waste their time
> filtering the dialups.  Filter your customers, filter your own
> networks; if you incidentally get most of your dialup servers covered
> by that umbrella, fine.  If not, don't lose too much sleep over it --
> if you don't believe me, just config up a linux box with the code of
> your choice, and try to SYNflood someone over a dialup.

> Not worth the trouble.  The far ends of the earth where not even the
> network admins speak English are on the ends of wet strings; it isn't
> worth the aggreivation to telnet through them, and launching a
> source-routed synflood through them would be self-defeating.

If it only takes 8 SYN packets to lock up a socket for 75 seconds then
effective SYN flood attacks certainly *CAN* be launched from a dialup
connection. And if the definition of an effective attack allows for
intermittently shutting down a socket then effective attacks certainly
*CAN be launched from places like Uruguay, Brazil, Indonesia and so forth.

Michael Dillon                   -               ISP & Internet Consulting
Memra Software Inc.              -                  Fax: +1-604-546-3049
http://www.memra.com             -               E-mail: michael () memra com

- - - - - - - - - - - - - - - - -