North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: Is there a line of defense against Distributed Reflective attacks?
- From: Rob Thomas
- Date: Thu Jan 16 23:06:57 2003
] Because syn cookies are available on routing gear??? Either way syn
] cookies are not going to keep the device from sending a 'syn-ack' to the
] 'originating host'.
Agreed. SYN cookies also won't drain a pipe full of malevolent packets.
Any response the target is able to send during a TCP amplification
attack is a bonus prize, but is not required for the attack to succeed.
ASSERT(coffee != empty);