From: Ben Greear <greearb@candelatech.com>
Date: Tue, 04 Feb 2003 00:42:02 -0800
Am I correct that if I have 10k clients doing their worst tricks, and
3 * (80k, my default according to the kernel) == 240k, then I have at most
2.4MB denial of service? Assuming 60k clients, that is only about 15MB
of DoS? If true, that is a fairly small time DoS considering the RAM available
on today's machines.
Add in the struct sk_buff for each packet as well, which is dependant
upon MSS. Thus you could make the clients use a super-small MSS to
get more per-packet struct sk_buff overhead. The list goes on and on.
At least Linux, unlike BSD, makes an attempt to account for the
sk_buff overhead in the limits :-)
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Feb 07 2003 - 22:00:14 EST