Re: SYN flooding....

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: Michael Meskes: "Changing my address"
• Previous message: Romano Giannetti: "Re: sync seems does not work fine?"
• Next in thread: Jon Lewis: "Re: SYN flooding...."
• Reply: Jon Lewis: "Re: SYN flooding...."

> It was only recently that I noticed how trivial it is to forge the source
> address in oversized ping attacks. Now I kind of understand why Alan
> didn't bother logging the source address in the original fix.

My personal opinion is that logging useless information is less
harmful than throwing information away. If the stupid fools didn't
forge their source address, or are behind a router that correctly only
allows "internal IP addresses" to go out, you would at least have
the ISP that they operate from....

Lots of things are trivial once you know how to do them. I spent two
hours yesterday trying to recover my filesystems after I had wacked my
partition table the day before. Turned out I needed only three minutes
once I found the correct partition table backup.....

Roger.

• Next message: Michael Meskes: "Changing my address"
• Previous message: Romano Giannetti: "Re: sync seems does not work fine?"
• Next in thread: Jon Lewis: "Re: SYN flooding...."
• Reply: Jon Lewis: "Re: SYN flooding...."