North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: SYN floods continue
If you can write a SYN flooder you can trivialy add the call to to generate a random source address.... IMHO this is not a win. Larry Plato > > > I don't know, but since nobody else seems to either, how about a > router box that detects excessive SYN activity and then automatically > blocks that ip address for awhile? I suppose it just means that > the attacker has to vary the source address rapidly. > > > Anyway. Point is this: We can't take too much more of this, nor can our > > customers. I have yet to hear *anyone* come up with any ideas even remotely > > reasonable for how to deal with this situation, long term, except for the > - - - - - - - - - - - - - - - - -
|