Re: linux kernel TCP, network connections and iptables

Date: Thu Sep 07 2000 - 20:23:18 EST

On Thu, 7 Sep 2000 wrote:
> Hello!
> > I believe that the DoS is that the path through the kernel turns out to be
> > long and that a lot of these packets will bring a machine to its knees.
> It is not longer than path for any other kind of packet.
> In the reported case it is much shorter. 8)
> Apparently, you try to remind about that silly pseudo-attack
> against some kind of BSD? 8) First, it was different, because
> flood was made for port, which was listened. The path is really
> longer there, but the difference is ridiculuous.

Well, it looks like you're getting hit with stream.c or raped.c and what
I'm passing on is just what I picked up from a CERT guy at Usenix. He
claimed that stream.c worked by exploiting a long path through the kernel
to bring the machine to its knees.

Dave Dittrich has a bunch of information (which I should probably read) on
these attacks here:

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
Please read the FAQ at

This archive was generated by hypermail 2b29 : Thu Sep 07 2000 - 21:00:32 EST