svlug-web_dos_attacks

This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.



Date: Fri, 21 Dec 2001 12:39:35 -0800
From: Nate Campi <nate@wired.com>
To: "M. A. Sridhar" <m_a_sridhar@yahoo.com>
Cc: Nate Campi <nate@wired.com>, svlug@svlug.org
Subject: Re: [svlug] DSL Line

On Fri, Dec 21, 2001 at 12:31:23PM -0800, M. A. Sridhar wrote:
> 
> --- Nate Campi <nate@wired.com> wrote:
> > On Fri, Dec 21, 2001 at 11:58:07AM -0800, M. A. Sridhar wrote:

> To follow up, then: Can this trick be used if you're being subjected to a
> DOS attack?

Well, MS-DOS is a terrible excuse for an operating system, but people
usually aren't attacked by it.

Seriously, DoS - or Denial of Service - attacks usually consist of TCP
packets sent with the SYN bit set in the packet header, resulting in one
of a few common problems (this is for a website scenario):

 1) The victim's link to the internet is saturated, denying legit
    traffic
 2) The load balancers and/or routers in front of the web site can't
    handle processing all the packets, filling up the queues and/or
    session table in the device
 3) The host OS for the web server(s) cannot handle all the SYNs, and
    cannot process legit requests (Linux syncookies negate this).
 
Nowhere in this common scenario would dropped routes on a host machine
help - sorry.
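
An added example, not part of the original message: a check for failure point 3 above that counts half-open (SYN_RECV) sockets per local port from `/proc/net/tcp` text and reads the `net.ipv4.tcp_syncookies` sysctl. The sample table, the `threshold` value and all function names are constructed for illustration.

```python
from collections import Counter

SYN_RECV = 0x03  # kernel TCP state code for a half-open connection in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0A0200C0:0050 016433C6:9C40 03 00000000:00000000 01:00000032 00000001     0        0 0
   2: 0A0200C0:0050 026433C6:9C41 03 00000000:00000000 01:00000032 00000001     0        0 0
   3: 0A0200C0:0050 036433C6:9C42 03 00000000:00000000 01:00000032 00000001     0        0 0
   4: 0A0200C0:0050 0A7100CB:D431 01 00000000:00000000 00:00000000 00000000    33        0 2002
   5: 0A0200C0:01BB 046433C6:9C43 03 00000000:00000000 01:00000032 00000001     0        0 0
"""

def parse_addr(field):
    """Decode 'HEXIP:HEXPORT' (IPv4, as printed on little-endian hosts) to (ip, port)."""
    ip_hex, port_hex = field.split(":")
    octets = bytes.fromhex(ip_hex)[::-1]
    return ".".join(str(b) for b in octets), int(port_hex, 16)

def half_open_by_port(proc_net_tcp_text):
    """Count SYN_RECV sockets per local port."""
    counts = Counter()
    for line in proc_net_tcp_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) >= 4 and int(fields[3], 16) == SYN_RECV:
            counts[parse_addr(fields[1])[1]] += 1
    return counts

def read_syncookies(path="/proc/sys/net/ipv4/tcp_syncookies"):
    """Return the sysctl value (0 = off, 1 = on when the SYN queue overflows, 2 = always), or None."""
    try:
        with open(path) as fh:
            return int(fh.read().strip())
    except (OSError, ValueError):
        return None

def report(counts, threshold, syncookies):
    """List ports whose half-open count meets the operator-chosen threshold (an assumption)."""
    out = []
    for port, n in sorted(counts.items()):
        if n >= threshold:
            state = "enabled" if syncookies else "DISABLED or unknown"
            out.append(f"port {port}: {n} half-open connections, syncookies {state}")
    return out

if __name__ == "__main__":
    # On a live Linux host, pass open("/proc/net/tcp").read() instead of SAMPLE.
    for line in report(half_open_by_port(SAMPLE), threshold=3, syncookies=read_syncookies()):
        print(line)
```

This only observes the host; link saturation and device session-table exhaustion (points 1 and 2) happen upstream and are not visible here.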

===

doom@kzsu.stanford.edu