Brett Glass writes:
> At 02:09 PM 1/20/2000 , jamiE rishaw - master e*tard wrote:
>
> >I have a copy of this, which I am not giving out. I will probably
> >fire one off to jkh for sanity,
Terriffic!
> >The problem is, the kernel already (from my understanding) drops bad ACKs
> >pretty quickly. The thing is, tho, that it's kernel bound.. which means
> >CPU.. so unless you have tons of extra CPU to spare, this attack will
> >take your system to a "pause" until the attacker ceases.
>
> The name "stream.c" makes it sound like a local, not remote, DoS. Does
No, it's remote.
> it have to be done from inside the system to be effective? I would think
Not necessarily.
> that, if it came from the outside, it'd be harder to saturate the
> victim.
>
> I can think of ways to filter this by adding some stuff to IPFW.
I don't believe you can filter it.
>
> --Brett
>
-- dima
To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-stable" in the body of the message
