North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: router syn/syn-ack/ack alarming...
If it were such a clean-and-dry issue, believe me, we 'router vendors' would be happy to implement this knob; but alas, there are several valid instances where the SYN/SYN-ACK/ACK conversation ratio is not quite predictable. In any event, we are not sitting idly -- more info as it becomes available. - paul At 01:23 PM 9/17/96 -0700, Regis Donovan wrote: >um... maybe i'm missing the clue here, but if the router vendors add >something that shuts down an interface if the SYN/SYN-ACK/ACK ratio >becomes too bad make it *easier* for me if i'm doing a denial of service >attack on a host? > >instead of denying service to a given host, all i have to do is drive >the router into alarm mode so it shuts off the interface and then i get >to deny service to an entire segment and everything downstream from that >segment... > >here's to better bang for your cracker-kiddie buck... >--regis > - - - - - - - - - - - - - - - - -
|