Message-Id: <199609211627.KAA10482@rover.village.org>
To: "David E. Tweten"
Subject: Re: comments on the SYN attack
Cc: newton@communica.com.au (Mark Newton), spfarrel@midway.uchicago.edu, security@freebsd.org
In-reply-to: Your message of "Sat, 21 Sep 1996 05:20:38 PDT." <199609211220.FAA06633@ns.frihet.com>
References: <199609211220.FAA06633@ns.frihet.com>
Date: Sat, 21 Sep 1996 10:27:08 -0600
From: Warner Losh
Sender: owner-security@freebsd.org

In message <199609211220.FAA06633@ns.frihet.com> "David E. Tweten" writes:
: Oh, and "Nice idea, Werner."

The idea was stolen, by me and at least one other that I've since seen[*], from another context. Van Jacobson and his team over at LBLL proposed something called a RED gateway. As the queue length increases, random packets are dropped in increasing likelihood. Evidently, this provides the right kind of feedback to TCP to have it slow down.

I was merely wondering if this might be applied well to the problem at hand. The random method is different than the "discard the oldest", and may or may not work better.... Tests are underway right now.

Warner

[*] Since I made my original suggestion, I have seen mail from Robert Morris forwarded to another list suggesting the same thing, but more coherently.
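The comparison raised in the message above, as an added example that is not part of the original mail and is not FreeBSD code: a small simulation of a listen queue under a SYN flood, evicting either the oldest half-open entry or a random one with a RED-style probability. The linear ramp, the thresholds, the traffic model and the choice to evict a queued entry rather than refuse the arriving SYN are all assumptions made for illustration.

```python
import random

def drop_probability(qlen, min_th, limit):
    """RED-style ramp (assumed linear): 0 up to min_th, 1 at limit."""
    if qlen <= min_th:
        return 0.0
    return min(1.0, (qlen - min_th) / (limit - min_th))

def simulate(policy, limit=100, min_th=50, flood=50, rtt=3, ticks=400, seed=1):
    """Fraction of legitimate handshakes that complete.

    Constructed traffic model: each tick brings `flood` spoofed SYNs that
    are never ACKed plus one legitimate SYN, whose ACK arrives `rtt` ticks
    later and completes only if the entry is still queued.
    policy: "oldest" evicts the head when full; "random" evicts a random
    entry with probability drop_probability(len(queue)).
    """
    rng = random.Random(seed)      # fixed seed so runs are repeatable
    queue = []                     # half-open entries, oldest first
    sent = done = 0
    for now in range(ticks):
        # ACKs due this tick complete handshakes that survived in the queue.
        for entry in [e for e in queue if e[0] and e[1] == now]:
            queue.remove(entry)
            done += 1
        arrivals = [(False, None)] * flood + [(True, now + rtt)]
        for entry in arrivals:
            if policy == "oldest":
                if len(queue) >= limit:
                    queue.pop(0)
            elif rng.random() < drop_probability(len(queue), min_th, limit):
                queue.pop(rng.randrange(len(queue)))
            queue.append(entry)
            assert len(queue) <= limit   # the backlog bound always holds
        sent += 1
    # The last `rtt` legitimate SYNs cannot be ACKed within the run.
    return done / (sent - rtt)

if __name__ == "__main__":
    for policy in ("oldest", "random"):
        rate = simulate(policy)
        print(f"{policy:>6}: {rate:.0%} of legitimate handshakes completed")
```

In this model discard-the-oldest is all or nothing: once the flood cycles the queue faster than one round trip, every legitimate entry is evicted before its ACK arrives, while random eviction lets a fraction through.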