TCP SYN Flooding and IP Spoofing Attacks
Popularity Report
 |
|||
|
|||
|
|||
|
|||
|
|||
|
Rank
URL Tag Cloud
Bookmark History
Saved by 5 people (-1 private), first by anonymouse user on 2006-09-20
- Allendug on 2007-08-07 - Tags hack , syn
- Del__t on 2007-03-25 - Tags imported furl
- Test_dellll on 2007-03-24 - Tags hack , imported:delicious , syn
- Del_ttt on 2007-03-24 - Tags hack , imported:delicious , syn
- Joel on 2006-09-20 - Tags hack , syn
Public Sticky notes
The location of the attacking system is obscured because the source
addresses in the SYN packets are often implausible. When the packet
arrives at the victim server system, there is no way to determine its
true source. Since the network forwards packets based on destination
address, the only way to validate the source of a packet is to use input
source filtering (see Appendix A).
Highlighted by joel
Systems providing TCP-based services to the Internet community may
be unable to provide those services while under attack and for some
time after the attack ceases. The service itself is not harmed by the
attack; usually only the ability to provide the service is impaired.
In some cases, the system may exhaust memory, crash, or be rendered
otherwise inoperative.
Highlighted by joel
Public Comment