Date: Sun, 22 Sep 1996 19:14:18 -0600 From: Warner Losh <imp@village.org> To: Darren Reed <avalon@coombs.anu.edu.au> Cc: security@FreeBSD.org Subject: Re: comments on the SYN attack Message-ID: <199609230114.TAA28187@rover.village.org> In-Reply-To: Your message of "Mon, 23 Sep 1996 10:10:44 %2B1000." <199609230010.SAA29579@information-retrieval.village.org> References: <199609230010.SAA29579@information-retrieval.village.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <199609230010.SAA29579@information-retrieval.village.org> Darren Reed writes: : so, you're saying something like "if I already have an established : connection to this source host, try not to drop the half-open state" ? I hadn't intended to say that... I was wanting to make the point that it was expensive to drop insipient half-open connections and that should be avoided where possible. In a SYN Bombing scenario, however, that isn't possible, but it would argue, imho, to be conservative about what you drop. Warner
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199609230114.TAA28187>