[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Ability to withstand well known attacks
On Tue, 22 Jul 2003, Smith, Donald wrote:
> I disagree. Floods will always affect systems. Fill the pipe and the effect
> is the same the network element will be unreachable.
a fill the pipe dos is quite different from syn flood dos which doesnt
fill the pipe. thats the whole point of synflood really -- a dos without exceeding
bandwidth.
i have a 45mbps ds3, and 768k of syn's should not render my router
unusable.
> As long as the network element/service doesn't crash, or hang I think that
> is enough. No matter what you do there will always be a way to temporarily
> remove a service by resource exhaustion.
yes but there is a solution for synfloods to prevent that kind of
exhaustion, so i would say anyone who fails a simple low bandwidth
synflood would fail the rfc.
-Dan
--
[-] Omae no subete no kichi wa ore no mono da. [-]