Gentoo Logo
Gentoo Spaceship

Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-security
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
To: Scott Taylor <scott@...>
From: Stewart Honsberger <blkdeath@g.o>
Subject: Re: firewall suggestions?
Date: Sat, 31 Jan 2004 04:08:34 -0500
Scott Taylor wrote:
> Replying in a specific manner which may have been at one point the
> proper and polite way for an IP stack to behave, often turns into a
> method for abuse. Spoof a bunch of syn packets to a host you know
> replies with a rst, and it sends all those extra packets to a victim
> machine who never sent the syn packet in the first place. So that
> machine sends back "port unreachables" and further clogs up their
> network. 

This is a variation of an attack known as "Distributed Reflective Denial 
of Service"; most often associated with ICMP and "Destination Host 
Unreachable" or even ICMP echo response packets.

VERY powerful attack; I've seen OC-3s brought to their knees by a kiddie 
on a cable modem.

(Analogy points to the military technique known as "carpet-bombing". 
Wanna take out a host? Why not just remove his ISP from the Internet?)

Stewart Honsberger -
To teach is to learn twice.
                 -- Joseph Joubert

gentoo-security@g.o mailing list

Re: firewall suggestions?
-- Ben Cressey
Re: firewall suggestions?
-- Oliver Schad
Re: firewall suggestions?
-- Paul de Vrieze
Re: firewall suggestions?
-- Scott Taylor
Lists: gentoo-security: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Re: firewall suggestions?
Next by thread:
Re: firewall suggestions?
Previous by date:
Re: firewall suggestions?
Next by date:
Security without obscurity (was: [gentoo-security] firewall suggestions?)

Updated Jun 17, 2009

Summary: Archive of the gentoo-security mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.