[Lance Spitzner]
> On Fri, 30 Jul 1999, Jeff Roberson wrote:
> > Also, if they implemented a circular buffer where connections that had
> > been idle the longest were disconnected in favor of new connections, their
> > scalability might increase some.
>
> Excellent recommendation, I'll pass it along to Check Point!

Neat idea. Am I the only person who sees the potential for even further abuse if this 'feature' is added? Wouldn't this allow DoS attackers to not only keep new connections from being established, but also to forcefully close already-established valid connections? Or am I missing something?

I think it might work, though, if non-established (i.e. only two of three handshake steps completed) connections were kept in a circular buffer. That way, the worst abuse that could happen would be for DoS'ers to incur a *chance* of established connections failing, and they wouldn't be able to affect already-established connections. They'd have to keep hammering at the unestablished-connection buffer, and very quickly, too, in order to keep valid connections from making it through. Perhaps this is what was intended by the suggestion in the first place?
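The design argued for in the message above, as an added illustration that is not part of the original thread and not Check Point's or anyone's firewall code: a fixed-size table of half-open connections that evicts the oldest entry on overflow, kept separate from an established set that a flood of unanswered SYNs cannot touch. Peer names and the flood size are constructed for the simulation.

```python
from collections import OrderedDict


class HalfOpenTable:
    """Model of the two-tier design from the thread.

    half_open: bounded, insertion-ordered table of connections that have seen
               SYN and SYN/ACK but no final ACK; oldest entry is dropped on overflow.
    established: unbounded set of completed handshakes; never evicted by new SYNs.
    """

    def __init__(self, capacity):
        self.capacity = capacity
        self.half_open = OrderedDict()  # insertion order doubles as age
        self.established = set()
        self.evicted = 0

    def syn(self, peer):
        """First handshake step: admit peer, evicting the oldest half-open if full."""
        if peer in self.half_open or peer in self.established:
            return
        if len(self.half_open) >= self.capacity:
            self.half_open.popitem(last=False)  # only half-open entries are at risk
            self.evicted += 1
        self.half_open[peer] = True

    def ack(self, peer):
        """Third handshake step; returns True if the connection becomes established."""
        if self.half_open.pop(peer, None) is None:
            return False  # evicted before its ACK arrived: client must retry
        self.established.add(peer)
        return True


def simulate(capacity=4, flood=100):
    """Run a constructed flood of never-ACKed SYNs against a small table."""
    t = HalfOpenTable(capacity)
    t.syn("good-1"); t.ack("good-1")     # completed before the flood
    t.syn("good-2")                      # still half-open when the flood starts
    for i in range(flood):
        t.syn(f"spoofed-{i}")            # constructed attacker SYNs, never ACKed
    good2 = t.ack("good-2")              # pushed out by the flood
    t.syn("good-3"); good3 = t.ack("good-3")  # completes quickly, so it survives
    return {"good1_established": "good-1" in t.established,
            "good2_completed": good2, "good3_completed": good3,
            "half_open": len(t.half_open), "evicted": t.evicted}
```

Running `simulate()` shows the point made above: the pre-existing connection is untouched, a slow legitimate handshake can be pushed out by the flood, and a client that finishes its handshake quickly still gets through.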
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:55:01 PDT