Subject: Re: erroneous ack packet, ideas please?
To: None <>
From: Stefan Grefen <>
List: tech-net
Date: 07/11/1997 09:37:12
In message <>  "Perry E. Metzger" wrote:
> Andrew Brown writes:


> > >Great. That will make SYN attacks even more effective at crippling
> > >machines.
> > 
> > well...even if you put it in your kernel, you wouldn't have to use it,
> > would you?
> No, but I generally don't hand people loaded guns that will only fire
> at their own feet...

maybe the gun is to heavy ...
There are other uses for this (see my previous mail for one) besides fighting


> No, I can't blame you for wanting to learn, but I could blame you for
> suggesting we actually add it. :)

No, it's a usefull feature (I had to do a kernel hack for somebody, which would
have been avoided with this feature).
I think there a couple of scenarios where this feature is handy, a lot where
you don't need it and one where it is dangerous (being connected to the 
internet and minding SYN attacks ..). 
If there would be a ballot I would vote for adding it.


> Perry

Stefan Grefen                                Tandem Computers Europe Inc.                       High Performance Research Center
If a group of N persons implements a COBOL compiler, there will be N-1
passes.  Someone in the group has to be the manager.
                -- T. Cheatham