Bugtraq archives for 4th quarter (Oct-Dec) 1996: Re: Excellent host SYN-attack fix for BSD hosts

Re: Excellent host SYN-attack fix for BSD hosts

Jeff Weisberg (jawOp.Net)
Tue, 15 Oct 1996 18:33:05 -0400

Steve Kann <stevekio360.com> writes:
| 3 days of letting a program rip doesn't seem like much price to pay for
| being able to subvert a packet filter rule.  This is what has scared me
| about this solution from the outset.  Am I missing something, or are we
| setting ourselves up to exchange a DOS condition for something worse?

well, if someone is going to spend a weekend randomly guessing at 32bit
numbers, there are other attacks they could go for that are not going to
fill someone's screen/logfiles with 100 "verify failed, dropping" every
second (which would (hopefully) be noticed)



        --jeff