[clug] DDOS using SYN cookies.
Daniel Pittman
daniel at rimspace.net
Wed Oct 1 23:47:59 GMT 2008
Sunnz <sunnzy at gmail.com> writes:
> http://it.slashdot.org/it/08/10/01/0127245.shtml
>
> Looks pretty serious, "there are no known mitigation" technique... now
> I don't completely understand this myself, I know that TCP initiates
> with a 3 way hand shake, but never know a SYN cookie is used to avoid
> DDOS attack... but now SYN cookies are used to do a DDOS?!
Given how many of the advanced features of TCP they disable, syncookies
are not all that good for you to start with, these days.
> What do you think?
Until they release details, this could be anything from a couple of IP
stack bugs through to a fundamental flaw in a protocol designed when
security was not a glimmer of an issue.
It is unlikely to cause the end of anything, not least because you can
*always* DoS things, and because whatever vulnerabilities it exploits
will be mitigated, somehow.
Regards,
Daniel
More information about the linux
mailing list