On Thu, 7 Sep 2000 [EMAIL PROTECTED] wrote:
> Hello!
> > - Could there be some kind of handling for such packets (meaning TCP packets
> >   reaching at an unused port with ACK bit set - with no previous SYN etc packet)
> >   to avoid such DoS attacks? Is the same happening to newer kernels? If yes,
> >   should we just eat it and shut up (because that's the way TCP works and it
> >   will not change)?
> 
> TCP MUST do this and this cannot be changed.
> 
> > - To do something about the above DoS,...
> 
> By any _formal_ criteria there is no DoS here. You reply with one packet
> to each incoming packet and do not hold any state. Where is DoS?

I believe that the DoS is that the path through the kernel turns out to be
long and that a lot of these packets will bring a machine to its knees.
 

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [EMAIL PROTECTED]
Please read the FAQ at http://www.tux.org/lkml/
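
Added example, not part of the original message and not kernel code: the RFC 793 rule for a segment arriving at a port with no socket, which is the one-reply-per-packet, stateless behaviour the quoted reply describes. The `struct seg` type and the function name `closed_port_reply` are hypothetical and exist only for this illustration.

```c
#include <stdint.h>
#include <stdio.h>

#define TH_FIN 0x01
#define TH_SYN 0x02
#define TH_RST 0x04
#define TH_ACK 0x10

/* Hypothetical parsed-segment type for this example (not a kernel struct). */
struct seg {
    uint32_t seq;
    uint32_t ack;
    uint8_t  flags;
    uint16_t payload_len;
};

/*
 * RFC 793 "SEGMENT ARRIVES", state CLOSED (no socket on the port).
 * Returns 1 and fills *out when a reset must be sent, 0 when the
 * segment is silently discarded. No per-connection state is touched.
 */
int closed_port_reply(const struct seg *in, struct seg *out)
{
    if (in->flags & TH_RST)
        return 0;               /* never answer a reset with a reset */

    out->payload_len = 0;
    if (in->flags & TH_ACK) {
        /* <SEQ=SEG.ACK><CTL=RST> */
        out->seq = in->ack;
        out->ack = 0;
        out->flags = TH_RST;
    } else {
        /* <SEQ=0><ACK=SEG.SEQ+SEG.LEN><CTL=RST,ACK>; SYN and FIN count in SEG.LEN */
        uint32_t len = in->payload_len;
        len += (in->flags & TH_SYN) ? 1 : 0;
        len += (in->flags & TH_FIN) ? 1 : 0;
        out->seq = 0;
        out->ack = in->seq + len;   /* wraps modulo 2^32 */
        out->flags = TH_RST | TH_ACK;
    }
    return 1;
}

int main(void)
{
    /* Constructed sample: bare ACK to an unused port, as in the thread. */
    struct seg in = { 1000, 0x12345678u, TH_ACK, 0 }, out;
    if (closed_port_reply(&in, &out))
        printf("RST seq=0x%08x flags=0x%02x\n", (unsigned)out.seq, (unsigned)out.flags);
    return 0;
}
```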
