In some mail from Stas Kisel, sie said: > > > From: Darren Reed <[email protected]> > > > The problem with this is the BSD TCP/IP implementation ACK's (or at least > > attempts to ACK) data as soon as it is received and it is a big no-no to > > discard queued data that has already been ACK'd. > > Probably it is not self-evident why we HAVE to drop this connection. > > It is evil connection. Good applications do read data from their sockets, > and evil ones do not. And ever if it is good, but silly or busy > application, good clients do not send so much data that application > can not process it. Am I wrong, there are any examples?
So what if someone manages to crash a program due to a DOS attack ? An easy one that comes to mind is syslogd. It's often stuck in disk-wait and can easily be targetted with a large number of packets. To Unsubscribe: send mail to [email protected] with "unsubscribe freebsd-hackers" in the body of the message
