Date: Wed, 22 May 1996 16:38:31 -0500 (CDT) From: "Brett L. Hawn" <blh@nol.net> To: "Charles C. Figueiredo" <marxx@apocalypse.superlink.net> Cc: Paul Traina <pst@Shockwave.COM>, Garrett Wollman <wollman@lcs.mit.edu>, Poul-Henning Kamp <phk@critter.tfs.com>, current@FreeBSD.ORG Subject: Re: freebsd + synfloods + ip spoofing Message-ID: <Pine.SOL.3.93.960522163712.15887D-100000@dazed.nol.net> In-Reply-To: <Pine.BSF.3.91.960522133846.3698F-100000@apocalypse.superlink.net>
next in thread | previous in thread | raw e-mail | index | archive | help
> The problem doesn't lies in the sequence generator, the problem lies
> in the fact that any 4.{3.4}BSD derived OS gets hosed up by 8 SYN packets
> from an unreachable host, that's all, 8. That's why, as you notice,
> SunOS affected too. What I've been trying to say is that nothing is
> wrong with the generator, as compared to other OSs, FreeBSD's is
> actually better! The problem is that FreeBSD, as other BSD OSs, only
> takes 8 SYN packets from an unreachable host to hose.
Ok, so now we have two problems, 1: it only takes 8 syn's to hose fbsd 2: an
easy to guess sequence generator. My guess is that #1 would be easier to
avoid if #2 were fixed.
Brett
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.SOL.3.93.960522163712.15887D-100000>