and Robert Lee's response to that: "In regards to Fyodor's article<http://insecure.org/stf/tcp-dos-attack-explained.html> : There are some really valid points made; While his article does describe some of how sockstress works and why it is efficient, it does not describe our attacks.
Jack would like to stress that turning off server side SYN-Cookie protection will not help and will only make you open to syn flood attacks again (as stated in Fyodor's article). Also, scenarios that lead to systems being resource starved to the point of requiring a reboot is very attack and target specific. It is not as universal as causing a specific service to become unavailable. We have made this clear in all public communications, but it is worth saying again" so it looks like we'll need to wait and see what these guys really have when they disclose it on Oct. 17. -phil On Fri, Oct 3, 2008 at 10:19 AM, Eugen Leitl <[EMAIL PROTECTED]> wrote: > On Fri, Oct 03, 2008 at 10:06:15AM -0500, BSD Wiz wrote: > > And how could the dev team implement a fix if we don't know the > > specifics of the exploit? This will be something that the freebsd dev > > Fyodor seems to think it's nothing new. > > http://insecure.org/stf/tcp-dos-attack-explained.html > > > team will need to fix and I'm sure they will asap. > > -- > Eugen* Leitl <a href="http://leitl.org";>leitl</a> http://leitl.org > ______________________________________________________________ > ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org > 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >
