On Wed, Oct 1, 2008 at 4:47 PM, Dries Schellekens <[EMAIL PROTECTED]> wrote:
> When I read the pseudo article, I had the impression that the server > does not have to implement SYN cookies. Their sockstress program uses > (client) SYN cookies to estabilish a lot of TCP connections with > minimal own resources... Some speculation by Fyodor: http://insecure.org/stf/tcp-dos-attack-explained.html Also check blog of one of the attack inventors: http://blog.robertlee.name/ Cheers, Dries
