| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20080206085357.GA1402@one.firstfloor.org> Date: Wed, 6 Feb 2008 09:53:57 +0100 From: Andi Kleen <andi@...stfloor.org> To: Ross Vandegrift <ross@...listi.us> Cc: Andi Kleen <andi@...stfloor.org>, Glenn Griffin <ggriffin.kernel@...il.com>, netdev@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] Add IPv6 support to TCP SYN cookies > I work at a hosting company and we see these kinds of issues in the > real world fairly frequently. I would guess maybe a monthly basis. > The servers where we have seen this are typically running RHEL 4 or 5 > kernels, so I can't really speak to how recent the kernel is in this > specific term. RHEL5 should be recent enough. > > If I can find a box that we could temporary get a kernel.org kernel > on, I'll see if I can get a real comparison together. We have > collected a few of the more effective attack tools that have been left > on compromised systems, so it wouldn't be too difficult to get some > numbers. That would be useful yes -- for different bandwidths. If the young/old heuristics do not work well enough anymore most likely we should try readding RED to the syn queue again. That used to be pretty effective in the early days. I don't quite remember why Linux didn't end up using it in fact. -Andi -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists