List Archive: gentoo-security
Scott Taylor wrote:
> Replying in a specific manner which may have been at one point the
> proper and polite way for an IP stack to behave, often turns into a
> method for abuse. Spoof a bunch of syn packets to a host you know
> replies with a rst, and it sends all those extra packets to a victim
> machine who never sent the syn packet in the first place. So that
> machine sends back "port unreachables" and further clogs up their
This is a variation of an attack known as "Distributed Reflective Denial
of Service"; most often associated with ICMP and "Destination Host
Unreachable" or even ICMP echo response packets.
VERY powerful attack; I've seen OC-3s brought to their knees by a kiddie
on a cable modem.
(Analogy points to the military technique known as "carpet-bombing".
Wanna take out a host? Why not just remove his ISP from the Internet?)
Stewart Honsberger - http://blackdeath.snerk.org/
To teach is to learn twice.
-- Joseph Joubert
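
Added example, not part of the original posts: a victim-side check for the reflected traffic the thread describes, narrowed to the TCP case (RST and SYN-ACK replies to SYNs the host never sent). The record format, field names, threshold, timeout and sample packets are all constructed for illustration.

```python
from collections import Counter, namedtuple

# Constructed record format (an assumption): one entry per TCP packet seen
# at the monitored host, e.g. parsed from a capture or flow export.
Pkt = namedtuple("Pkt", "ts direction src dst sport dport flags")

REPLY_FLAGS = {"RST", "SYN-ACK"}   # what a reflector sends back to a spoofed SYN
IDLE_TIMEOUT = 60.0                # seconds before outbound flow state expires


def find_backscatter(packets, threshold=3):
    """Return {remote_ip: count} of replies that answer nothing we sent."""
    last_out = {}            # (remote_ip, local_port, remote_port) -> last send time
    unsolicited = Counter()
    for p in sorted(packets, key=lambda p: p.ts):
        if p.direction == "out":
            last_out[(p.dst, p.sport, p.dport)] = p.ts
        elif p.flags in REPLY_FLAGS:
            seen = last_out.get((p.src, p.dport, p.sport))
            if seen is None or p.ts - seen > IDLE_TIMEOUT:
                unsolicited[p.src] += 1
    # A single stray RST is normal; a burst from one source is the pattern of interest.
    return {ip: n for ip, n in unsolicited.items() if n >= threshold}


HOST = "192.0.2.10"  # constructed addresses from the documentation ranges
SAMPLE = [
    # Normal connection: our SYN, their SYN-ACK.
    Pkt(0.00, "out", HOST, "198.51.100.5", 40000, 443, "SYN"),
    Pkt(0.05, "in", "198.51.100.5", HOST, 443, 40000, "SYN-ACK"),
    # Normal refusal: our SYN to a closed port, their RST.
    Pkt(1.00, "out", HOST, "198.51.100.6", 40001, 25, "SYN"),
    Pkt(1.02, "in", "198.51.100.6", HOST, 25, 40001, "RST"),
    # Replies to SYNs this host never sent (its address was used as the source).
    Pkt(2.00, "in", "203.0.113.7", HOST, 80, 51000, "RST"),
    Pkt(2.01, "in", "203.0.113.7", HOST, 80, 51001, "RST"),
    Pkt(2.02, "in", "203.0.113.7", HOST, 80, 51002, "RST"),
    Pkt(2.03, "in", "203.0.113.7", HOST, 80, 51003, "RST"),
    # One stray RST, below the threshold.
    Pkt(3.00, "in", "203.0.113.99", HOST, 22, 52000, "RST"),
]

if __name__ == "__main__":
    for ip, count in find_backscatter(SAMPLE).items():
        print(f"{ip}: {count} unsolicited replies")
```

The addresses this reports are reflectors, not the origin of the spoofed SYNs, so the output is a basis for rate-limiting and upstream reports rather than attribution.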