Date: Fri, 27 Sep 1996 22:57:37 +0200 (MET DST) From: guido@gvr.win.tue.nl (Guido van Rooij) To: apg@demos.net (Paul Antonov) Cc: fenner@parc.xerox.com, apg@demos.net, hackers@freebsd.org Subject: Re: patch against SYN floods (RED impl.) Message-ID: <199609272057.WAA02273@gvr.win.tue.nl> In-Reply-To: <oFyy3JouB0@dream.demos.su> from Paul Antonov at "Sep 28, 96 00:55:24 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Paul Antonov wrote: > In message <96Sep27.133646pdt.177476@crevenia.parc.xerox.com> Bill > Fenner writes: > > >Not only that, but it's relatively dangerous to use information supplied > >by the attacker as part of your "random" number. For example, the attacker > >could vary his initial sequence number by tv_usec / 33 and keep the > >"random" number constant. > > Yes, I agree that better random function is necessary. My own test flood > generator uses random seq's - it's too good :) Any ideas? > I thought we had a random generator in the kernel.... -Guido
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199609272057.WAA02273>