Date: Thu, 22 Jun 2000 17:08:31 -0500 From: Brad Guillory <round@baileylink.net> To: freebsd-security@FreeBSD.ORG Subject: Re: How defend from stream2.c attack? Message-ID: <20000622170831.B9875@baileylink.net> In-Reply-To: <200006220015.RAA05962@salsa.gv.tsc.tdk.com>; from Don.Lewis@tsc.tdk.com on Wed, Jun 21, 2000 at 05:15:46PM -0700 References: <000401bfdb64$3eae8320$0c3214d4@dragonland.tts.tomsk.su> <4.3.2.7.2.20000621125756.048b6d80@localhost> <200006220015.RAA05962@salsa.gv.tsc.tdk.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jun 21, 2000 at 05:15:46PM -0700, Don Lewis wrote: [ Quote from Brett SNIPPED ] > Turning on the RST restriction makes it much easier to spoof TCP connections > that appear to come from your machine or to hijack established TCP > connections... Keep in mind that rate limiting RSTs will only give you a marginally better defence for this type of attack over no RSTs at all. All it would take to gag you is an ACK flood. BMG To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000622170831.B9875>