Re: kernel patch

Andrei Alexandru (aa1384@cs.utt.ro)
Thu, 7 Oct 1999 19:43:35 +0300 (EEST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: =?iso-8859-1?Q?Horacio_J=2E_Pe=F1a?=: "Re: disabling Linux's screen blanker"
Previous message: Shawn Leas: "RE: devfs again, (was RE: USB device allocation)"

On 5 Oct 1999, Andi Kleen wrote:

> aa1384@cs.utt.ro (Andrei Alexandru) writes:
>
> > I wrote a patch to the linux networking part of the kernel which allows
> > you to aviod denial of service. Basicaly it does a more accurate
> > accounting of sockets and does not let more then MAXCONNFROMONEIP
> > connetions from the same ip.
>
> This sounds like a very effective Denial-of-service attack for everybody
> who can spoof this IP.
>
> -Andi
> --
> This is like TV. I don't like TV.
>
Yes, but if you shouldn't be able to export a spoofed ip. And it only
blocks connections comming from that ip not all the connections like in a
classic dos atack.
Alexandru

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

Next message: =?iso-8859-1?Q?Horacio_J=2E_Pe=F1a?=: "Re: disabling Linux's screen blanker"
Previous message: Shawn Leas: "RE: devfs again, (was RE: USB device allocation)"