funsec mailing list archives

Re: Naughty Comcast

From: "Dennis Henderson" <hendomatic () gmail com>
Date: Fri, 19 Oct 2007 12:33:37 -0500

On 10/19/07, Florian Weimer <fw () deneb enyo de> wrote:


* Blue Boar:

I took that to mean they were injecting RST packets, ala the great
Firewall of China.


RST packets do not work that well to reduce bandwidth consumption
because the client immediately tries to establish a new connection
(maybe to a different host, but still).  You need to do something that
stalls the connection by confusing the TCP at one end.
_______________________________________________




Forge zero window packets for tcp or source quench for udp..

That can slow things down pretty good.

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

Current thread:

Naughty Comcast Alex Eckelberry (Oct 19)
- Re: Naughty Comcast Brian Loe (Oct 19)
  - Re: Naughty Comcast Valdis . Kletnieks (Oct 19)
    - Re: Naughty Comcast Blue Boar (Oct 19)
    - Re: Naughty Comcast Valdis . Kletnieks (Oct 19)
    - Re: Naughty Comcast Blue Boar (Oct 19)
    - Re: Naughty Comcast Florian Weimer (Oct 19)
    - Re: Naughty Comcast Valdis . Kletnieks (Oct 19)
    - Re: Naughty Comcast Dennis Henderson (Oct 19)
    - Re: Naughty Comcast Sean Donelan (Oct 19)
- Re: Naughty Comcast Gadi Evron (Oct 19)