Date: Sun, 6 Oct 1996 18:31:57 -0700 (PDT) From: Michael Dillon <michael@memra.com> To: freebsd-hackers@freebsd.org Subject: Re: TCP SYN attacks - a simple solution (fwd) Message-ID: <Pine.BSI.3.93.961006183146.1501E-100000@sidhe.memra.com>
next in thread | raw e-mail | index | archive | help
---------- Forwarded message ---------- Date: Sun, 6 Oct 1996 20:11:21 -0400 (EDT) From: Avi Freedman <freedman@netaxs.com> To: rex@cs.su.oz.au Cc: bugtraq@netspace.org, nanog@merit.edu, iepg@iepg.org Subject: Re: TCP SYN attacks - a simple solution > I'm going to implement this, using boring old md5, and give it a try, > but I was wondering if there are any thoughts about this as a solution? > Any obvious holes I missed. > > Rex di Bona. Using md5, it seems to be working just fine (when it works and doesn't crash :)). Code for starters can be found at ftp.op.net:/pub/src/synprophylactica, I believe. One thing: You must STORE the MSS as part of the iss, or a table of common MSS values. Initial data and window args you seem to be able to ditch without effect. Avi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSI.3.93.961006183146.1501E-100000>