[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Using cookies/computational effort to defeat syn-flooding




There are two facets to this problem, as I see it.  One is spam
packets of any type that have forged sources, can't be easily traced
due to ISPs not being prepared to do this, etc.  The second is fragile
mechanisms that are easily toppled even without any forgery.  While we
need to fix the second where we can, there will always be packets that
can cause trouble and evem just a string of nonsense packets firehosed
at a host can degrade/deny service to others due to bandwidth
considerations.  ((Actually I wonder what the chance is that mostly
random packets would crash the IP stack in an average host...  Seems
like the kind of test everyone would know you should do on your
software but who knows...))

I think we need to always worry about the first with some sort of IP
level mechanism that is very much cheaper than any of the current
IPSECs and which also provides some assistance in tracing back the
physical origin of packets.

The Internet is increasingly under attack and we need continuing effort
at making it more robust at all levels.

Donald

From: Germano Caronni <caronni@tik.ee.ethz.ch>
Message-Id: <199609231120.NAA01210@kom30.ethz.ch>
Subject: The skip-info mailing list
To: skip-info@skip.org, Project SKIP <skip@tik.ee.ethz.ch>, 
    Bernhard Plattner <plattner@tik.ee.ethz.ch>, ipsec@TIS.COM
Date: Mon, 23 Sep 1996 13:20:56 +0200 (MET DST)
X-Mailer: ELM [version 2.4 PL24 PGP6]
Content-Type: text
Sender: ipsec-approval@neptune.tis.com
Precedence: bulk

The SKIP internal mailing list 'skip-info@tik.ee.ethz.ch' has moved. It is
now located at skip-info@skip.org. 

If you are already a subscriber, your subscription will hopefully have
been moved to the new list.  Otherwise, to subscribe, send email to
majordomo@skip.org, with the folowing text in the body (not subject) of
your message:

	subscribe skip-info



Friendly greetings,

	Germano Caronni