North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: New Denial of Service Attack on Panix
Tim Bass writes: > > [...] > > Because, it seems to me, since the way to exploit TCP > is to use bogus, unreachable IP sources, why not use > this fact to let the kernal just filter itself under > certain flooding conditions? > > Please let me know why this will not work. > > Thanks, It will, except that a slight modification of the attack (using IP addresses that _don't_ produce ICMP_UNREACH) will get us back to square one. Anyway, filtering packets with SRC addresses known to generate ICMP_UNREACH at the earliest possible stage might be a good idea. > Tim Dima - - - - - - - - - - - - - - - - -
|