Re: teardrop and Linux as a router

Alan Cox (alan@lxorguk.ukuu.org.uk)
Mon, 24 Nov 1997 21:04:30 +0000 (GMT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Garst R. Reese: "possible oops in 2.1.6x cause"
Previous message: Rik van Riel: "Re: [URGENT ASSISTANCE REQUESTED] production machines dying"

> Just line synfloods theses packets should be labled 'possible attack' and
> should be logged with flood protetction..

Well the packet origin is worthless, the result of logging potentially
harmful and the value of logging nil. You can log such packets into user
space (especially once the socket filters are in 2.2) and in user space
run some sensible attack analysis heuristics and also take evasive
action

Next message: Garst R. Reese: "possible oops in 2.1.6x cause"
Previous message: Rik van Riel: "Re: [URGENT ASSISTANCE REQUESTED] production machines dying"