Date: Fri, 01 Dec 2000 13:22:22 -0700 From: Brett Glass <brett@lariat.org> To: Umesh Krishnaswamy <umesh@juniper.net>, freebsd-security@FreeBSD.ORG, umesh@juniper.net Subject: Re: Defeating SYN flood attacks Message-ID: <4.3.2.7.2.20001201131729.04907bf0@localhost> In-Reply-To: <3A27F625.4C87CC7C@juniper.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Steve Gibson just published a great article on SYN flood avoidance, complete with a mechanism that I think FreeBSD should adopt for it. See http://grc.com/r&d/nomoredos.htm --Brett At 12:04 PM 12/1/2000, Umesh Krishnaswamy wrote: >Hi Folks, > >I wanted to double-check which version of FreeBSD (if any) can address a >SYN flooding DoS attack. The latest FreeBSD sources (tcp_input.c and >ip_input.c) do not seem to have any code to address such an attack. Maybe I am >missing something. > >So if you folks can enlighten me on whether or how to handle the SYN attack from >within the kernel, I would appreciate it. I am aware of ingress filtering; while >that can help attacks from randomized IP addresses, it will fail in the case of >an attack from a spoofed trusted IP address. Hence the desire to look into the >kernel for a fix. > >Thanks. >Umesh. > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.3.2.7.2.20001201131729.04907bf0>