nanog mailing list archives

Re: TCP SYN attacks

From: Avi Freedman <freedman () netaxs com>
Date: Fri, 4 Oct 1996 19:24:16 -0400 (EDT)

From:        Tim Bass[SMTP:bass () linux silkroad com]
Sent:        Friday, October 04, 1996 7:58 AM
To:  freedman () netaxs com
Cc:  nanog () merit edu; iepg () iepg org
Subject:     Re: TCP SYN attacks


My preferred approach is to not even have to store state on any
of the embryonic connections.  And to implement the fix on all
of my hosts.  And customers can implement it in a firewall, if
they choose (and have boxes which can't be fixed: Win95, NT, Macs, ...).

Avi


Avi,

Did you mean to state that these boxes can't be fixed (hardened against
SYN attacks) by you?

Ted L.

My statements are my own and not of the Microsoft Corp.


If I had Win95 or NT source I suppose I could harden them w/out
a SYN-handling proxy...

Ditto for MacOS (if that's what it's called).

Avi

- - - - - - - - - - - - - - - - -

Current thread:

Re: TCP SYN attacks, (continued)
- - Re: TCP SYN attacks Tom Perrine (Oct 03)
    - Re: TCP SYN attacks Avi Freedman (Oct 03)
    - Re: TCP SYN attacks Dima Volodin (Oct 04)
    - Re: TCP SYN attacks Avi Freedman (Oct 04)
    - Re: TCP SYN attacks Tim Bass (Oct 04)
    - Re: TCP SYN attacks Dima Volodin (Oct 04)
    - Re: TCP SYN attacks Alexis Rosen (Oct 03)
- Re: TCP SYN attacks (SYNDefender white paper) root (Oct 03)
- Re: TCP SYN attacks Perry E. Metzger (Oct 03)
- RE: TCP SYN attacks Ted Linnenkamp (Oct 04)
  - Re: TCP SYN attacks Avi Freedman (Oct 04)