Apache and 408s

Mon Sep 17 17:18:50 EST 2001

On Mon, 17 Sep 2001, Peter Barker wrote:
> 	Anybody have any clues what it is? Seems rather odd for a
> portscan, since they should probably disconnect after scanning the port,
> and not time out.

Not for a TCP SYN scan.  You send the SYN, and never ACK the reply.  The
server sits there with an open socket till timeout.  This is why its
important in server applications to include the concept of a timeout
because you don't want to leave yourself wide open for a fd DoS attack.

-- 
Matt