> I believe that the DoS is that the path through the kernel turns out to be
> long and that a lot of these packets will bring a machine to its knees.
It is not longer than path for any other kind of packet.
In the reported case it is much shorter. 8)
Apparently, you try to remind about that silly pseudo-attack
against some kind of BSD? 8) First, it was different, because
flood was made for port, which was listened. The path is really
longer there, but the difference is ridiculuous.
Second, machines _are_ killed with high pps rates, no doubts.
But it has nothing to do either with TCP or with special packet pattern.
And any kind of policing is useless to fight this. Just do not attach
slow machines to fast but LANs, if you are afraid of local pps floods.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to firstname.lastname@example.org
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Sep 07 2000 - 21:00:31 EST