Hi,
On Thu, 11 Dec 2008, paul at clubi.ie wrote:
> On Thu, 11 Dec 2008, Brian Foster wrote:
>>> the admin did say it's a protection against some sort
>> of attacks (he wasn't specific and I didn't ask).
>> Ok.. the answer is to go find this Mordac and (gently) beat them about
> the head with a sturdy, hardback copy of Stevens, until they disable this
> moronic and useless "security" feature.
I'd be curious to know what attack is being defended against and what it's
doing though. Is it just dropping the connection?
> The attack Gavin mentions is interesting, but applying a rate-limiter to
> the traffic (e.g. WRED, see Floyd, etc.) is probably a far better
> answer, and more inline with standard, network best-practice.
I doubt Brian's issue has much to do with that attack, it just reminded me
of it a little. Some debate has gone on over how best to deal with it.
http://www.archivum.info/tcpm@ietf.org/2007-01/msg00034.html
Gavin
Maintained by the ILUG website team. The aim of Linux.ie is to
support and help commercial and private users of Linux in Ireland. You can
display ILUG news in your own webpages, read backend
information to find out how. Networking services kindly provided by HEAnet, server kindly donated by
Dell. Linux is a trademark of Linus Torvalds,
used with permission. No penguins were harmed in the production or maintenance
of this highly praised website. Looking for the
Indian Linux Users' Group? Try here. If you've read all this and aren't a lawyer: you should be!
