Re: linux kernel TCP, network connections and iptables

From: lamont@icopyright.com
Date: Thu Sep 07 2000 - 13:00:38 EST


On Thu, 7 Sep 2000 kuznet@ms2.inr.ac.ru wrote:
> Hello!
> > - Could there be some kind of handling for such packets (meaning TCP packets
> > arriving at an unused port with the ACK bit set, with no previous SYN etc. packet)
> > to avoid such DoS attacks? Is the same happening to newer kernels? If yes,
> > should we just eat it and shut up (because that's the way TCP works and it
> > will not change)?
>
> TCP MUST do this and this cannot be changed.
>
> > - To do something about the above DoS,...
>
> By any _formal_ criteria there is no DoS here. You reply with one packet
> to each incoming packet and do not hold any state. Where is DoS?

I believe that the DoS is that the path through the kernel turns out to be
long and that a lot of these packets will bring a machine to its knees.
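The CLOSED-port rule kuznet describes (one reply per offending segment, no state kept), written out as an added Python illustration following RFC 793; this is not kernel code and not from the thread, and the Segment type, field names and the 1000-packet burst are constructed for the example:

```python
"""RFC 793 'CLOSED' handling: how a host answers a segment for a port it does
not listen on. Added illustration, not kernel code: the stack answers each
offending segment with one RST and keeps nothing between packets."""
from dataclasses import dataclass
from typing import FrozenSet, List, Optional, Tuple

MOD32 = 1 << 32  # sequence numbers are 32-bit and wrap


@dataclass(frozen=True)
class Segment:
    seq: int
    ack: int
    flags: FrozenSet[str]  # subset of {"SYN", "ACK", "FIN", "RST"}
    data_len: int = 0

    @property
    def seg_len(self) -> int:
        # SEG.LEN counts SYN and FIN as one octet each, plus the data
        return self.data_len + ("SYN" in self.flags) + ("FIN" in self.flags)


def closed_port_response(seg: Segment) -> Optional[Segment]:
    """Return the RST to send for a segment arriving at a closed port, or None."""
    if "RST" in seg.flags:
        return None  # an incoming RST is silently discarded
    if "ACK" not in seg.flags:
        # <SEQ=0><ACK=SEG.SEQ+SEG.LEN><CTL=RST,ACK>
        return Segment(seq=0, ack=(seg.seq + seg.seg_len) % MOD32,
                       flags=frozenset({"RST", "ACK"}))
    # <SEQ=SEG.ACK><CTL=RST>: the stray ACKs discussed in the thread land here
    return Segment(seq=seg.ack, ack=0, flags=frozenset({"RST"}))


def handle_burst(segs: List[Segment]) -> Tuple[int, int]:
    """Process a burst; returns (segments seen, RSTs emitted).
    No connection table is consulted or updated: the cost is per packet."""
    replies = 0
    for seg in segs:
        if closed_port_response(seg) is not None:
            replies += 1
    return len(segs), replies


if __name__ == "__main__":
    # constructed sample: 1000 unsolicited ACKs aimed at a closed port
    burst = [Segment(seq=i, ack=4242 + i, flags=frozenset({"ACK"}))
             for i in range(1000)]
    print(handle_burst(burst))  # (1000, 1000)
```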