Re: Firewalling and network resource consumption while under attack

Alan Cox (alan@lxorguk.ukuu.org.uk)
Mon, 21 Sep 1998 17:07:46 +0100 (BST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan Cox: "Re: Linux, UDI and SCO."
Previous message: Bill Hawes: "patch for 2.1.122 dquota -- please test!"
In reply to: david: "Firewalling and network resource consumption while under attack"
Next in thread: david: "Re: Firewalling and network resource consumption while under attack"
Reply: david: "Re: Firewalling and network resource consumption while under attack"

> However when the rate reached 8,000pps, new connections were -very- lagged
> and most current connections stalled. Even those on the local network.

What bandwidth is your link. If someone floods you with the full link
bandwidth then the upstream ISP is needed to control it. Fortunately at
those kind of rates it is very traceable.

> I haven't looked at the networking code, but the supposition is that the
> firewall should drop the offending packets and not allow them to consume
> my entire stack.

No. The firewall can't magically tell who was a "good" connection, and
if as I suspect you simply ran out of bandwidth you lose. The first rule
of information and real warfare is the same "man with biggest club wins"

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: Alan Cox: "Re: Linux, UDI and SCO."
Previous message: Bill Hawes: "patch for 2.1.122 dquota -- please test!"
In reply to: david: "Firewalling and network resource consumption while under attack"
Next in thread: david: "Re: Firewalling and network resource consumption while under attack"
Reply: david: "Re: Firewalling and network resource consumption while under attack"