Christopher L. Morrow wrote:
On Thu, 16 Jan 2003, Brad Laue wrote:
[ .. ]
Doesn't ECN depend on 'well behaved' traffic? In other words, wouldn't it
require the hosts sending traffic to slow down? So... even if the hosts
slowed down, 10,000 hosts still is a high tra
Christopher L. Morrow wrote:
On Thu, 16 Jan 2003, hc wrote:
Because syn cookies are available on routing gear??? Either way syn
cookies are not going to keep the device from sending a 'syn-ack' to the
'originating host'.
True.. At least it will have some stop in the amount of attacks.
I
Having researched this in-depth after reading a rather cursory article
on the topic (http://grc.com/dos/drdos.htm), only two main methods come
to my mind to protect against it.
By way of quick review, such an attack is carried out by forging the
source address of the target host and sending large
