[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Ability to withstand well known attacks

To: "Smith, Donald" <Donald.Smith@qwest.com>
Subject: RE: Ability to withstand well known attacks
From: Dan Hollis <goemon@anime.net>
Date: Tue, 22 Jul 2003 11:33:09 -0700 (PDT)
Cc: opsec@ops.ietf.org
In-reply-to: <2D00AD0E4D36D411BD300008C786E4240D558FD3@Denntex021.qwest.net>

On Tue, 22 Jul 2003, Smith, Donald wrote:
> I disagree. Floods will always affect systems. Fill the pipe and the effect
> is the same the network element will be unreachable.

a fill the pipe dos is quite different from syn flood dos which doesnt 
fill the pipe. thats the whole point of synflood really -- a dos without exceeding 
bandwidth.

i have a 45mbps ds3, and 768k of syn's should not render my router 
unusable.

> As long as the network element/service doesn't crash, or hang I think that
> is enough. No matter what you do there will always be a way to temporarily
> remove a service by resource exhaustion.

yes but there is a solution for synfloods to prevent that kind of 
exhaustion, so i would say anyone who fails a simple low bandwidth 
synflood would fail the rfc.

-Dan
-- 
[-] Omae no subete no kichi wa ore no mono da. [-]

References:
- RE: Ability to withstand well known attacks
  - From: "Smith, Donald" <Donald.Smith@qwest.com>

Prev by Date: RE: Ability to withstand well known attacks
Next by Date: RE: Ability to withstand well known attacks
Previous by thread: RE: Ability to withstand well known attacks
Next by thread: RE: Ability to withstand well known attacks
Index(es):
- Date
- Thread