This is part of The Pile, a partial archive of some open source mailing lists and newsgroups.
Date: Fri, 21 Dec 2001 12:39:35 -0800 From: Nate Campi <nate@wired.com> To: "M. A. Sridhar" <m_a_sridhar@yahoo.com> Cc: Nate Campi <nate@wired.com>, svlug@svlug.org Subject: Re: [svlug] DSL Line On Fri, Dec 21, 2001 at 12:31:23PM -0800, M. A. Sridhar wrote: > > --- Nate Campi <nate@wired.com> wrote: > > On Fri, Dec 21, 2001 at 11:58:07AM -0800, M. A. Sridhar wrote: > To follow up, then: Can this trick be used if you're being subjected to a > DOS attack? Well, MS-DOS is a terrible excuse for an operating system, but people usually aren't attacked by it. Seriously, DoS - or Denial of Service attacks usually consist of TCP packets sent with the SYN bit set in the packet header, resulting in one of a few common problems (this is for a website scenario): 1) The victim's link to the internet is saturated, denying legit traffic 2) The load balancers and/or routers in front of the web site can't handle processing all the packets, filling up the queues and/or session table in the device 3) The host OS for the web server(s) cannot handle all the SYNs, and cannot process legit requests (linux syncookies negate this). Nowhere in this common scenario would dropped routes on a host machine help - sorry. ===