North American Network Operators Group

Re: TCP SYN attacks
Now what is 100,000 entries? With the timeout aggressively set at 10 secs (heck, with 10 secs I sometimes cannot even get all the images on home.netscape.com) it's only 1000 SYNs/sec. How many hosts do you want to protect with such a firewall?

Dima

Avi Freedman writes:
>
> If someone can hose a firewall with an adaptive SYN timeout and
> a 100,000 or more-entry state storage structure for pending SYNs
> (not that any particular implementation does this that I know of
> or don't know of) then I *WANT* them to attack me.
>
> Something that un-subtle should be easy to track back to the source.
>
> > Tom E. Perrine ([email protected]) | San Diego Supercomputer Center
> > http://www.sdsc.edu/~tep/ | Voice: +1.619.534.5000
> > "Ille Albus Canne Vinco Homines" - You Know Who
>
> Avi