On Sun, Aug 18, 2013 at 3:56 PM, <[email protected]> wrote: > (a) Because 75% of the Internet doesn't allow spoofing of source addresses, > and (b) Although there's a chance that one machine throwing 3,000 SYN > packets a second will show up on somebody's network monitor, you're never > going to see 3,000 network monitors pop on 1 SYN packet per second. > > And oh yeah, (c) sometimes you don't want to spoof the connection but > want to actually *make* the connection, in order to send them stuff that > will consume even more system resources than just a dangling half-open > connection....
Pretty sure you just reiterated what he implied. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
