In its security information that can be found on http://www.iss.net/security_center/reference/vuln/Stream_DoS.htm, it's noted that signature only considers ACK packets that are not associated with an active connection.
But I've found that this signature is triggered whenever the number of ACKs exceed the pam.flood.ack.limit threshold within pam.flood.ack.interval seconds. Has anyone found the same? Please, correct me if I'm wrong. --- Best regards, Sergey V. Soldatov. tel/fax +7 095 745 89 50 (2663) _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum To contact the ISSForum Moderator, send email to [EMAIL PROTECTED] The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.
