nanog mailing list archives

Re: TCP receive window set to 0; DoS or not?


From: Jim Shankland <nanog () shankland org>
Date: Fri, 8 Sep 2006 17:55:59 -0700


Travis Hassloch <travis.hassloch () rackspace com> writes:
> The part where it becomes a DoS is when they tie up all the listeners
> on a socket (e.g. apache), and nothing happens for several minutes until
> their connections time out.  Whether intentional or not, it does have
> a negative effect.

Ah, that makes sense.  I was assuming a deliberate attack, which is
not actually implicit in the term "DoS".  A deliberate denial of
service is not made easier by shrinking the window.  But an implementation
that advertises a 0 window in lieu of sending FIN or RST can certainly
deny service inadvertently by tying up resources that should have been
freed.

Jim Shankland
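
Added illustration, not part of the original message or of any project named in it: one way a server can avoid the tied-up-listener condition discussed above is to put a progress deadline on writes, so a worker is released when the peer stops accepting data instead of waiting for the connection to time out. The names `send_with_stall_deadline` and `demo`, the 1-second deadline and the loopback peer are assumptions made for this sketch.

```python
import select
import socket
import threading
import time


def send_with_stall_deadline(sock, payload, stall_timeout=1.0):
    """Send payload; return (bytes_sent, completed).

    A peer holding its receive window at 0 leaves our send buffer full, so the
    socket stops becoming writable; give up after stall_timeout idle seconds.
    """
    sock.setblocking(False)
    view, sent = memoryview(payload), 0
    last_progress = time.monotonic()
    while sent < len(view):
        remaining = stall_timeout - (time.monotonic() - last_progress)
        if remaining <= 0:
            return sent, False      # stalled: caller closes and frees the worker
        if not select.select([], [sock], [], remaining)[1]:
            continue                # select timed out; deadline check fires next
        try:
            sent += sock.send(view[sent:sent + 65536])
            last_progress = time.monotonic()
        except BlockingIOError:
            pass                    # buffer filled between select() and send()
    return sent, True


def demo(peer_reads, size=32 * 1024 * 1024):
    """Constructed loopback case: the peer either drains the data or never reads."""
    listener = socket.create_server(("127.0.0.1", 0))
    peer = socket.create_connection(listener.getsockname())
    conn, _ = listener.accept()
    reader = None
    if peer_reads:
        def drain():
            while peer.recv(1 << 20):
                pass
        reader = threading.Thread(target=drain, daemon=True)
        reader.start()
    try:
        return send_with_stall_deadline(conn, bytes(size))
    finally:
        conn.close()
        if reader:
            reader.join(timeout=5)
        peer.close()
        listener.close()
```

The deadline measures time since the last accepted byte, so a peer that opens its window only slightly and occasionally still holds the worker; an overall per-response time limit covers that case.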

