North American Network Operators Group

Re: New Denial of Service Attack on Panix
I'm wondering if this is not quite the panacea that it appears. More thought
is certainly required here... asymmetry being a problem that leaps to mind.

- paul

At 01:02 PM 9/17/96 -0700, Vadim Antonov wrote:
>This is an excellent idea! Actually, router vendors may simply
>add a feature which shuts down the interface if SYN/SYN-ACK balance
>is too bad -- thus disconnecting the hacker-to-be.
>
>Of course, that balance may be decaying with time, so repeated
>unsuccessful attempts to connect won't trigger alarms.
>
>--vadim
>
>Forrest W. Christian <[email protected]> wrote:
>
>Maybe I'm missing something here, but wouldn't these Denial of Service
>attacks cause a severe mismatch in the numbers of SYNs and SYN-ACKs on a
>given router interface?
>
>If so, then couldn't we just sweet-talk cisco into providing 5 minute
>counts of syns and syn-acks on an interface?
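A sketch of the counter discussed in this thread, as an added example that is not part of any poster's message: a per-interface SYN minus SYN-ACK score with exponential decay, replayed over constructed traffic. The half-life, threshold, interface names and the reading of "asymmetry" as asymmetric routing are assumptions.

```python
# Added example: decaying SYN / SYN-ACK balance per interface (not from the thread).
from collections import defaultdict

HALF_LIFE = 300.0  # seconds; assumed, echoing the 5 minute counts in the thread
THRESHOLD = 50.0   # assumed alarm level for the decayed unanswered-SYN score


class SynBalance:
    """Tracks a decayed (SYNs in - SYN-ACKs out) score for each interface."""

    def __init__(self, half_life=HALF_LIFE, threshold=THRESHOLD):
        self.half_life, self.threshold = half_life, threshold
        self.score = defaultdict(float)
        self.last = {}

    def _decay(self, iface, now):
        dt = now - self.last.get(iface, now)
        self.score[iface] *= 0.5 ** (dt / self.half_life)
        self.last[iface] = now

    def packet(self, now, iface, kind):
        """kind is 'SYN' (arrived on iface) or 'SYNACK' (sent back out of iface)."""
        self._decay(iface, now)
        delta = 1.0 if kind == "SYN" else -1.0
        self.score[iface] = max(0.0, self.score[iface] + delta)

    def alarmed(self, iface, now):
        self._decay(iface, now)
        return self.score[iface] > self.threshold


def run(events):
    """Replay (time, iface, kind) tuples; return the set of alarmed interfaces."""
    mon, end = SynBalance(), max(t for t, _, _ in events)
    for t, iface, kind in sorted(events, key=lambda e: e[0]):
        mon.packet(t, iface, kind)
    return {i for i in list(mon.score) if mon.alarmed(i, end)}


# Constructed traffic: 200 connection attempts within one second per scenario.
ticks = [i / 200 for i in range(200)]
flood = [(t, "if0", "SYN") for t in ticks]                     # never answered
symmetric = [(t, "if0", k) for t in ticks for k in ("SYN", "SYNACK")]
asymmetric = ([(t, "if0", "SYN") for t in ticks] +             # legitimate SYNs
              [(t, "if1", "SYNACK") for t in ticks])           # replies use if1
slow_retry = [(60.0 * i, "if0", "SYN") for i in range(100)]   # one failed try/min

if __name__ == "__main__":
    for name in ("flood", "symmetric", "asymmetric", "slow_retry"):
        print(name, sorted(run(globals()[name])))
```

The asymmetric scenario alarms on `if0` exactly as the flood does even though every connection was answered, while the decayed slow retries stay well under the threshold.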