|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: The "Mac DoS Attack," a Scheme for Blocking Internet Connections
Subject: Re: The "Mac DoS Attack," a Scheme for Blocking Internet Connections
From: Alan Cox (alan
LXORGUK.UKUU.ORG.UK)
Date: Wed Dec 29 1999 - 20:45:14 CST
- Next message: Paul Schinder: "Re: The "Mac DoS Attack," a Scheme for Blocking Internet Connections"
- Previous message: Henrik Edlund: "Re: majordomo local exploit"
- In reply to: John Copeland: "The "Mac DoS Attack," a Scheme for Blocking Internet Connections"
- Next in thread: Paul Schinder: "Re: The "Mac DoS Attack," a Scheme for Blocking Internet Connections"
- Reply: Alan Cox: "Re: The "Mac DoS Attack," a Scheme for Blocking Internet Connections"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> The Internet Service Providers (ISPs) must take action to drop long ICMP
> packets in the backbone networks (any packet longer than 1499 bytes, at
> least).
This will break existing "good behaviour" legal systems and potentially
disrupt MTU discovery proceedure. It isnt a feasible option without a lot
of additional checks to the packet type etc, at which point with many routers
the firewall rules involved turn into a performance based DoS on the core
routers.
Alan
- Next message: Paul Schinder: "Re: The "Mac DoS Attack," a Scheme for Blocking Internet Connections"
- Previous message: Henrik Edlund: "Re: majordomo local exploit"
- In reply to: John Copeland: "The "Mac DoS Attack," a Scheme for Blocking Internet Connections"
- Next in thread: Paul Schinder: "Re: The "Mac DoS Attack," a Scheme for Blocking Internet Connections"
- Reply: Alan Cox: "Re: The "Mac DoS Attack," a Scheme for Blocking Internet Connections"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
This archive was generated by hypermail 2b27 : Thu Dec 30 1999 - 12:48:32 CST