| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <201205311731.57159.hans.schillstrom@ericsson.com> Date: Thu, 31 May 2012 17:31:55 +0200 From: Hans Schillstrom <hans.schillstrom@...csson.com> To: Eric Dumazet <eric.dumazet@...il.com> CC: Rick Jones <rick.jones2@...com>, Andi Kleen <andi@...stfloor.org>, Jesper Dangaard Brouer <jbrouer@...hat.com>, Jesper Dangaard Brouer <brouer@...hat.com>, "netdev@...r.kernel.org" <netdev@...r.kernel.org>, Christoph Paasch <christoph.paasch@...ouvain.be>, "David S. Miller" <davem@...emloft.net>, Martin Topholm <mph@...h.dk>, Florian Westphal <fw@...len.de>, Tom Herbert <therbert@...gle.com> Subject: Re: [RFC PATCH 2/2] tcp: Early SYN limit and SYN cookie handling to mitigate SYN floods On Thursday 31 May 2012 16:09:21 Eric Dumazet wrote: > On Thu, 2012-05-31 at 10:45 +0200, Hans Schillstrom wrote: > > > I can see plenty "IPv4: dst cache overflow" > > > > This is probably the most problematic problem in DDOS attacks. > > I have a patch for this problem. > > Idea is to not cache dst entries for following cases : > > 1) Input dst, if listener queue is full (syncookies possibly engaged) > > 2) Output dst of SYNACK messages. > Sound like a good idea, if you need some testing just the patches -- Regards Hans Schillstrom <hans.schillstrom@...csson.com> -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists