Re: linux kernel TCP, network connections and iptables

From: kuznet@ms2.inr.ac.ru
Date: Thu Sep 07 2000 - 11:38:04 EST


Hello!

> - Could there be some kind of handling for such packets (meaning TCP packets
> arriving at an unused port with the ACK bit set, with no previous SYN etc. packet)
> to avoid such DoS attacks? Is the same happening to newer kernels? If yes,
> should we just eat it and shut up (because that's the way TCP works and it
> will not change)?

TCP MUST do this and this cannot be changed.

> - To do something about the above DoS,...

By any _formal_ criterion there is no DoS here. You reply with one packet
to each incoming packet and do not hold any state. Where is the DoS?

Note that as soon as you try to remember state, you open the way
for true DoSes. 8)

Alexey
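The behaviour Alexey describes, written out as an added example (this is not code from the original message and not the kernel's own implementation). It follows the RFC 793 rules for a segment that reaches a port in the CLOSED state: an incoming RST is discarded, a segment with ACK set is answered with <SEQ=SEG.ACK><CTL=RST>, anything else with <SEQ=0><ACK=SEG.SEQ+SEG.LEN><CTL=RST,ACK>. The reply is a pure function of the incoming segment, so nothing is remembered. For contrast, the second half shows the kind of stateful "fix" the reply warns against: a fixed-size table keyed by source address, which an attacker with spoofed sources fills at will. The struct and function names, the 4-slot table size and the sample segments and addresses are all constructed for the example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* TCP flag bits as they sit in the header's flags byte */
#define TCP_FIN 0x01
#define TCP_SYN 0x02
#define TCP_RST 0x04
#define TCP_ACK 0x10

/* The few TCP header fields the CLOSED-state rules look at (names are ours) */
struct tcp_seg {
    uint32_t seq;
    uint32_t ack;
    uint8_t  flags;
    uint32_t len;   /* bytes of payload after the header */
};

/* SEG.LEN as RFC 793 counts it: payload plus one for SYN and one for FIN */
static uint32_t seg_len(struct tcp_seg s)
{
    return s.len + ((s.flags & TCP_SYN) ? 1 : 0) + ((s.flags & TCP_FIN) ? 1 : 0);
}

/* Reply for a segment arriving at a port with no listener and no connection.
 * Returns the RST to send; flags == 0 means "discard silently" (incoming RST).
 * Pure function of the input: no lookup, no allocation, nothing kept
 * afterwards, so a flood costs one reply per packet and zero memory. */
struct tcp_seg closed_port_reply(struct tcp_seg in)
{
    struct tcp_seg r = { 0, 0, 0, 0 };
    if (in.flags & TCP_RST)
        return r;                        /* never answer a RST with a RST */
    if (in.flags & TCP_ACK) {
        /* <SEQ=SEG.ACK><CTL=RST>: the stray-ACK case from the thread */
        r.seq = in.ack;
        r.flags = TCP_RST;
    } else {
        /* <SEQ=0><ACK=SEG.SEQ+SEG.LEN><CTL=RST,ACK>: e.g. a SYN to a closed port */
        r.ack = in.seq + seg_len(in);
        r.flags = TCP_RST | TCP_ACK;
    }
    return r;
}

/* Count replies generated for n stray ACKs from n distinct (spoofed) sources.
 * The stateless path never refuses service: every packet gets its RST. */
unsigned stateless_flood(unsigned n)
{
    unsigned replies = 0;
    for (unsigned i = 0; i < n; i++) {
        struct tcp_seg in = { .seq = i, .ack = 1000 + i, .flags = TCP_ACK, .len = 0 };
        if (closed_port_reply(in).flags & TCP_RST)
            replies++;
    }
    return replies;
}

/* The alternative the reply warns against: remember who sent stray ACKs.
 * Any such table is bounded, and the attacker chooses the key (a source
 * address is trivially spoofed), so the attacker decides when it fills. */
#define TRACK_SLOTS 4   /* deliberately tiny so the exhaustion is visible */
struct tracker {
    uint32_t src[TRACK_SLOTS];
    unsigned used;
};

/* Record a source; returns false once the table is full and the packet is dropped */
static bool track_source(struct tracker *t, uint32_t src_ip)
{
    for (unsigned i = 0; i < t->used; i++)
        if (t->src[i] == src_ip)
            return true;
    if (t->used == TRACK_SLOTS)
        return false;
    t->src[t->used++] = src_ip;
    return true;
}

/* Feed n stray ACKs from n distinct spoofed sources; return how many the
 * stateful design had to drop, i.e. the DoS it created for itself. */
unsigned stateful_flood(unsigned n)
{
    struct tracker t = { {0}, 0 };
    unsigned dropped = 0;
    for (unsigned i = 0; i < n; i++)
        if (!track_source(&t, 0x0a000001u + i))   /* constructed: 10.0.0.1, 10.0.0.2, ... */
            dropped++;
    return dropped;
}

int main(void)
{
    struct tcp_seg stray = { .seq = 1000, .ack = 5000, .flags = TCP_ACK, .len = 0 };
    struct tcp_seg r = closed_port_reply(stray);
    printf("stray ACK -> RST seq=%u flags=0x%02x\n", r.seq, r.flags);
    printf("stateless: %u replies for 10 packets\n", stateless_flood(10));
    printf("stateful:  %u of 10 packets dropped once %d slots fill\n",
           stateful_flood(10), TRACK_SLOTS);
    return 0;
}
```

The point of the two flood functions is the one made in the reply: the stateless responder's cost is exactly one RST per packet and nothing else, while any design that remembers state on unsolicited segments hands the attacker a resource to exhaust with spoofed sources. Real implementations that must remember something (connection tracking, SYN cookies) either bound it with attacker-independent keys or make it verifiable without storage.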

This archive was generated by hypermail 2b29 : Thu Sep 07 2000 - 21:00:30 EST