argh!!! wrong src, sorry.
On Sat, Nov 29, 2008 at 2:48 PM, Christopher Morrow <[EMAIL PROTECTED]> wrote: > On Sat, Nov 29, 2008 at 2:08 PM, Templin, Fred L > <[EMAIL PROTECTED]> wrote: >>>|> That implies that the >>>|> ETR does a mapping lookup on the receipt of a packet, buffers >>>|> the packet until the lookup succeeds, and the does the >>>|> compare. >>>| >>>|Oh you mean like the IPv6 neighbor discovery process!? >>> >>> >>>Two wrongs don't make a right. >> >> Why buffer the packet until the lookup succeeds? Why not >> just accept the first few packets while a lookup is done > > a synflood is a bunch of 1 packet flows :( you lose, I win! yippee! :( > Seriously though, if you send through 'some' of the bad packets all > the attacker has to know is how many 'some' is... in the worst case > the answer is 'one'. > > Buffering is bad, really, really bad. > > -chris > _______________________________________________ rrg mailing list [email protected] https://www.irtf.org/mailman/listinfo/rrg
