Date: Fri, 21 Jan 2000 14:58:40 -0800 (PST) From: Matthew Dillon <dillon@apollo.backplane.com> To: Gene Harris <zeus@tetronsoftware.com> Cc: Wes Peters <wes@softweyr.com>, Brett Glass <brett@lariat.org>, freebsd-security@FreeBSD.ORG Subject: Re: Some observations on stream.c and streamnt.c Message-ID: <200001212258.OAA64329@apollo.backplane.com> References: <Pine.BSF.4.10.10001211649440.4460-100000@tetron02.tetronsoftware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
:Wes, : :SP5 and SP6 made some pretty big revisions to the TCP stack. :That's why I was meticulous on reporting SP6a. It does make :a difference. : :I am now sitting here with the machine hooked to a 100 MB :network with the attacking machine on the other side of a T3 :at telepath.com. We cannot see any affect on the NT Server, :running IIS and SQL Server as a custom web provider. This :is a production machine. : :*==============================================* :*Gene Harris http://www.tetronsoftware.com* Ok... but what sort of packet rate is the machine at telepath.com seeing from this attack? Note that a T3 is only 45 MBits. Attacks on BEST that only went through a single incoming T3 never had much of an effect, it was only those attacks that came over multiple T3's (generally ping-broadcast attacks) that we worried about. -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001212258.OAA64329>