In some mail from Stas Kisel, sie said:
>
> > From: Darren Reed <[EMAIL PROTECTED]>
>
> > The problem with this is the BSD TCP/IP implementation ACK's (or at least
> > attempts to ACK) data as soon as it is received and it is a big no-no to
> > discard queued data that has already been ACK'd.
>
> Probably it is not self-evident why we HAVE to drop this connection.
>
> It is evil connection. Good applications do read data from their sockets,
> and evil ones do not. And ever if it is good, but silly or busy
> application, good clients do not send so much data that application
> can not process it. Am I wrong, there are any examples?
So what if someone manages to crash a program due to a DOS attack ?
An easy one that comes to mind is syslogd. It's often stuck in disk-wait
and can easily be targetted with a large number of packets.
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message
