|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: New tcp stack attack
From: Alexander Sabourenkov (screwdriver
lxnt.info)
Date: Wed Oct 01 2008 - 09:44:36 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Duncan Patton a Campbell wrote:
>
> It seems to me the "problem" is with SYN cookies.
>
SYN cookies are only mentioned to boast about their high-performance tcp
flooder. Problem is that some systems 'became overly responsive', and
this is clearly an implementation issue.
"We noticed that certain systems would start resending certain packet
responses continuously until they were rebooted," Lee said.
Certain (buggy) systems resend certain (invalid/unneeded) responses, lo
and behold: tcp is broken forever. Phew.
--
./lxnt
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]