Re: question about linux tcp request queue handling

From: Paul Albrecht (palbrecht@qwest.net)
Date: Tue Jul 08 2003 - 14:23:37 EST

Next message: Jeff Garzik: "Re: [PATCH] AES for CryptoAPI - i586-optimized"
Previous message: Gerald Britton: "Re: Linux and IBM : "unauthorized" mini-PCI : Cisco mpi350 _way_ sub-optimal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andi Kleen writes:

>
> The 4.4BSD-Lite code described in Stevens is long outdated. All modern
> BSDs (and probably most other Unixes too) do it in a similar way to what
> Nivedita described. The keywords are "syn flood attack" and "DoS".
>

I have attached a copy of tcpdump output for two linux systems connected
over ether replaying the scenario for incoming request queue handling given
in Stevens's TCP/IP Illustrated Volume 1: The Protocols. What I don't
understand about the third handshake is if the server is going to send the
syn/ack in response the client's initial syn then why does server repeatly
ignore the subsequent ack from the client?

text/plain attachment: trace.txt

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Jeff Garzik: "Re: [PATCH] AES for CryptoAPI - i586-optimized"
Previous message: Gerald Britton: "Re: Linux and IBM : "unauthorized" mini-PCI : Cisco mpi350 _way_ sub-optimal"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Tue Jul 15 2003 - 22:00:28 EST