Travis Hassloch <[EMAIL PROTECTED]> writes: > The part where it becomes a DoS is when they tie up all the listeners > on a socket (e.g. apache), and nothing happens for several minutes until > their connections time out. Whether intentional or not, it does have > a negative effect.
Ah, that makes sense. I was assuming a deliberate attack, which is not actually implicit in the term "DoS". A deliberate denial of service is not made easier by shrinking the window. But an implementation that advertises a 0 window in lieu of sending FIN or RST can certainly deny service inadvertently by tying up resources that should have been freed. Jim Shankland