North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Syn flooding attacks
- From: Peter Evans
- Date: Mon Oct 20 19:38:47 1997
Phil Howard <email@example.com> wrote:
[about SYN flooding]
|I don't know of any routers that have these or other means of dealing with
|the SYN attacks.
If you search cco for "tcp intercept", you should find
something interesting. This feature was available in
11.2(4)F. ((paraphrased from memory))
Basically the router completed the handshaking then passed
on the completed connection to the inside host.
When under attack, it halves the timeouts (progressively?)
for half-open connections.
I don't know what happened to the F branch. It seems to have
been left behind.
The Lost Patrol. Level 30~36, HP 800, AC -2. The Highway Patrol of
The Random Road, they keep the peace, they eat donuts. -TRR '97
O_u \\ // P-Chan ya \\ Global OnLine Japan
U \Beh! \\ // P-Moji-Yo! \\ Steam Engineering