[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20090620091100.GB22935@mail.oracle.com>
Date: Sat, 20 Jun 2009 02:11:00 -0700
From: Joel Becker <Joel.Becker@...cle.com>
To: David Miller <davem@...emloft.net>
Cc: netdev@...r.kernel.org
Subject: Re: TCP Persist Timer DoS
On Sat, Jun 20, 2009 at 01:05:14AM -0700, David Miller wrote:
> From: Joel Becker <Joel.Becker@...cle.com>
> Date: Fri, 19 Jun 2009 15:31:06 -0700
>
> > Hey Netfolk,
> > I have to assume you've seen
> > http://www.phrack.org/issues.html?issue=66&id=9&mode=txt. Does anyone
> > have a plan or opinion on the DoS? A way to mitigate it, a -EDONTCARE
> > opinion, anything?
>
> This is just like every other "DoS" out there where the attacker has
> to reveal it's IP identity to accomplish the attack, in that it is
> trivial to protect using netfilter by limiting the number of
> connections a host can make with your system.
Thanks Dave, I knew there was a reason this wasn't all that
scary.
Joel
--
"Hell is oneself, hell is alone, the other figures in it, merely projections."
- T. S. Eliot
Joel Becker
Principal Software Developer
Oracle
E-mail: joel.becker@...cle.com
Phone: (650) 506-8127
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists