[nsp-sec] TCP Attack patterns - what is "normal" these days?
Florian Weimer
fweimer at bfk.de
Thu Oct 22 11:14:32 EDT 2009
* Donald Smith:
> Not a scientific answer but lately I have seen more state exaustion
> attacks the pipe filling attacks. All state tables are finate, most
> are relatively small compared to the size (bandwidth) of customers
> pipes.
Would you like the attackers switch back to bandwidth saturation
attacks?
It's feasible to make default installations of major platforms more
resilient to state exhaustion attacks. I'm just not sure if it's a
prudent thing to do.
--
Florian Weimer <fweimer at bfk.de>
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe fax: +49-721-96201-99
More information about the nsp-security
mailing list