Date: Thu, 17 Oct 1996 01:48:08 -0700 (PDT)
From: Dmitry Kohmanyuk <dk@dog.farm.org>
Cc: freebsd-hackers@freebsd.org
Subject: Re: Excellent host SYN-attack fix for BSD hosts (fwd)
Message-ID: <199610170848.BAA01012@dog.farm.org>
References: <199610141726.NAA20351@neon.ingenia.com>
Mike Shaver (shaver@neon.ingenia.ca) wrote:
> Thus spake Michael Dillon:
> > window size
> > and any initial data is discarded;
> This, of course, breaks the TCP specification, in case anyone still
> cares about that. (Few do, I fear.)

Hmm... you can ACK only to position 0, assuming some weird router fragmented the packet along the way and then ate all but the first fragment. Then the client would retransmit. (Well, the client could rely on minimal MTU...)

> (I seem to recall someone saying that it made it impossible to talk to
> any machine that did T/TCP, as well.)

You can easily distinguish T/TCP by looking for the CC option being set. Also, since you normally bypass the TCP 3-way handshake with T/TCP, there is no reason to prevent SYN floods. (Here comes the issue of T/TCP cache state floods.)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199610170848.BAA01012>
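Dmitry's point that T/TCP segments can be told apart by the CC option, as an added example that is not part of the original thread or of any BSD kernel code: a walker over the TCP option area that reports whether an RFC 1644 connection-count option (CC, CC.NEW or CC.ECHO) is present, so a SYN-flood mitigation can be skipped for T/TCP SYNs. The function and the sample option blocks are constructed for this example; the option kind numbers are the ones RFC 793 and RFC 1644 assign.

```c
#include <stdint.h>
#include <stddef.h>

/* Option kinds: RFC 793 (EOL, NOP) and RFC 1644 (CC, CC.NEW, CC.ECHO). */
#define TCPOPT_EOL     0
#define TCPOPT_NOP     1
#define TCPOPT_CC      11
#define TCPOPT_CCNEW   12
#define TCPOPT_CCECHO  13

/* Walk the option area that follows the 20-byte fixed TCP header.
 * Returns 1 if a T/TCP CC-family option is present, 0 if not, and -1 if
 * the option list is malformed (a length that runs past the area, or a
 * CC option that is not 6 bytes), so the caller can drop the segment
 * instead of misclassifying it.  Stops at EOL as RFC 793 requires. */
int tcp_has_cc_option(const uint8_t *opts, size_t len)
{
    size_t i = 0;
    while (i < len) {
        uint8_t kind = opts[i];
        if (kind == TCPOPT_EOL)
            return 0;
        if (kind == TCPOPT_NOP) { i++; continue; }
        if (i + 1 >= len)
            return -1;                   /* kind byte with no length byte */
        uint8_t olen = opts[i + 1];
        if (olen < 2 || i + olen > len)
            return -1;                   /* length overruns the option area */
        if (kind == TCPOPT_CC || kind == TCPOPT_CCNEW || kind == TCPOPT_CCECHO)
            return olen == 6 ? 1 : -1;   /* CC options carry a 32-bit count */
        i += olen;
    }
    return 0;
}

/* Constructed sample option blocks (not captured traffic). */
/* MSS 1460, NOP, NOP, SACK-permitted: an ordinary SYN. */
static const uint8_t opts_plain_syn[] = { 2, 4, 0x05, 0xb4, 1, 1, 4, 2 };
/* MSS 1460, NOP, NOP, CC = 42: a T/TCP SYN. */
static const uint8_t opts_ttcp_syn[]  = { 2, 4, 0x05, 0xb4, 1, 1, 11, 6, 0, 0, 0, 42 };
/* MSS 1460, then a CC option whose 6-byte length runs past the area. */
static const uint8_t opts_truncated[] = { 2, 4, 0x05, 0xb4, 11, 6, 0, 0 };
/* MSS 1460, EOL, then bytes that look like CC but lie past the end of list. */
static const uint8_t opts_eol_first[] = { 2, 4, 0x05, 0xb4, 0, 11, 6, 0, 0, 0, 1 };
```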