Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Syn flooding attacks

  • From: Peter Evans
  • Date: Mon Oct 20 19:38:47 1997

Phil Howard <phil@charon.milepost.com> wrote: 

	[about SYN flooding]

|I don't know of any routers that have these or other means of dealing with
|the SYN attacks.

	If you search cco for "tcp intercept", you should find
	something interesting. This feature was available in
	11.2(4)F.  ((paraphrased from memory))

	Basically the router completed the handshaking then passed
	on the completed connection to the inside host.

	When under attack, it halves the timeouts (progressively?)
	for half-open connections.

	I don't know what happened to the F branch. It seems to have
	been left behind.


	Peter
	----*

-- 
The Lost Patrol. Level 30~36, HP 800, AC -2. The Highway Patrol of
The Random Road, they keep the peace, they eat donuts.    -TRR '97

 O_u	 \\                   // P-Chan ya \\  Global OnLine Japan
  U \Beh! \\                 // P-Moji-Yo!  \\   Steam Engineering




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.