Date:      Mon, 17 May 1999 21:07:05 -0600
From:      Warner Losh <imp@harmony.village.org>
To:        Harold Gutch <logix@foobar.franken.de>
Cc:        security@FreeBSD.ORG
Subject:   Re: Forwarded from BUGTRAQ: SYN floods against FreeBSD 
Message-ID:  <199905180307.VAA75124@harmony.village.org>
In-Reply-To: Your message of "Sat, 15 May 1999 00:10:18 +0200." <19990515001018.A22645@foobar.franken.de> 
References:  <19990515001018.A22645@foobar.franken.de>  <199905140438.VAA97604@apollo.backplane.com> <Pine.BSF.4.05.9905131824250.267-100000@rage.whitefang.com> <4.2.0.37.19990513161529.00c1e3f0@localhost> <Pine.BSF.4.05.9905131824250.267-100000@rage.whitefang.com> <4.2.0.37.19990513202450.0444fca0@localhost> <199905140438.VAA97604@apollo.backplane.com> <19990514072546.A20779@foobar.franken.de> <4.2.0.37.19990514133829.0461e220@localhost> <19990514225001.A22317@foobar.franken.de> <4.2.0.37.19990514154319.04610b80@localhost> 

In message <19990515001018.A22645@foobar.franken.de> Harold Gutch writes:
: Perhaps dropping a random socket is a better approach...

RED has proven to be a good way to deal with congestion.  A few years
ago when all of this came up the first time, I did some back of the
envelope calculations that showed that randomly dropping items in the
SYN queue produced a higher percentage chance of connecting to a port
under attack than simply discarding the oldest one in the queue.

Has anybody come up with a fix for this problem?  I've not seen one
come across.

Warner
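
The comparison described in the message above can be worked through with a small model. This is an added example, not the poster's calculation or FreeBSD code: it assumes a SYN queue of size N already full of attack entries, one eviction per arriving SYN, and k attack SYNs arriving before the legitimate client's ACK returns. All function names and the value N=128 are hypothetical. Under these assumptions drop-oldest keeps the entry only while k < N, while random drop keeps it with probability (1 - 1/N)^k, which stays above zero once the flood outpaces the queue.

```python
import random
from collections import deque

def survival_closed_form(policy, backlog, flood_syns):
    """P(legitimate half-open entry is still queued when its ACK returns).

    backlog    -- SYN queue size N, assumed already full of attack entries
    flood_syns -- attack SYNs arriving during the client's round trip (k)
    """
    if policy == "oldest":
        # Entry joins as newest and is evicted by the N-th later arrival.
        return 1.0 if flood_syns < backlog else 0.0
    if policy == "random":
        # Each arrival evicts one of the N entries uniformly at random.
        return (1.0 - 1.0 / backlog) ** flood_syns
    raise ValueError(f"unknown policy: {policy}")

def _enqueue(queue, entry, policy, rng):
    """Make room in a full queue according to the policy, then append."""
    if policy == "oldest":
        queue.popleft()
    else:
        del queue[rng.randrange(len(queue))]
    queue.append(entry)

def simulate(policy, backlog, flood_syns, trials, seed=1999):
    """Monte Carlo check of the closed form on an explicit queue."""
    rng = random.Random(seed)  # fixed seed: repeatable runs
    survived = 0
    for _ in range(trials):
        queue = deque(["attack"] * backlog)
        _enqueue(queue, "legit", policy, rng)
        for _ in range(flood_syns):
            _enqueue(queue, "attack", policy, rng)
        survived += "legit" in queue
    return survived / trials

if __name__ == "__main__":
    N = 128  # constructed backlog size, not a FreeBSD default
    for k in (64, 127, 128, 256, 512):
        row = [f"{p}: model={survival_closed_form(p, N, k):.3f} "
               f"sim={simulate(p, N, k, 2000):.3f}" for p in ("oldest", "random")]
        print(f"k={k:4d}  " + "  ".join(row))
```
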

