From: "John S. Denker" <jsd@monmouth.com>
To: Oskar Andreasson <blueflux@koffein.net>
Cc: "David S. Miller" <davem@redhat.com>, netdev@oss.sgi.com
Subject: Re: defending against syn flood attacks
Date: Tue, 01 Apr 2003 15:58:52 -0500
Message-ID: <3E89FD8C.2060607@monmouth.com>
In-Reply-To: <Pine.LNX.4.44.0304012156390.22941-100000@laptop1.agatha>

On 04/01/2003 02:59 PM, Oskar Andreasson wrote:
>> TCP syncookies "seriously violates the TCP protocol"
>> ... statement written by Alexey.

Those who are interested in defending against
syn flood attacks without seriously violating the
TCP protocol may be interested in the following:


                Abstract

The protocol of the present invention includes two new
first level protocols and several embodiments of a
second level protocol. The two new first level protocols
of the present invention include the TCP2B protocol and
the TCP2E protocol. In the TCP2B protocol, both client
and server indicate their support for this protocol using
one or more bits in TCP header. According to the
TCP2B protocol, the client retransmits its requested
options in the ACK message so the server need not
store the options after the connection request. In the
TCP2E protocol, the server maintains a Friends Table
listing addresses of devices recently observed to be
complying with TCP. If a client's address is on the
Friends Table, the connection request is processed
according to TCP. Otherwise, the server sends an ACK
message to the client to prompt the client to send a
reset message. The client's address can then be added
to the Friends Table.

The patent is held by AT&T.  I have no idea how hard it
would be to get a license.

http://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PALL&p=1&u=/netahtml/srchnum.htm&r=1&f=G&l=50&s1=5,958,053.WKU.+5,958,053.WKU.&OS=PN/5,958,053+OR+PN/5,958,053&RS=PN/5,958,053+OR+PN/5,958,053
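
The TCP2E exchange from the abstract, as an added example that is not part of the original message or the patent: a C model of the server's decision, showing that SYNs from addresses that never answer the probe allocate no connection state. The table size, expiry window, secret, toy hash, and the binding of the RST to the probe through the ACK number are assumptions; the abstract does not say how the reset is validated.

```c
#include <stdint.h>
#include <stdio.h>
/* Constructed model of the TCP2E server side. Table size, expiry window,
 * secret and the cookie check are assumptions, not taken from the patent. */
#define SLOTS      256
#define FRIEND_TTL 60u          /* seconds an address counts as "recent" */
#define SECRET     0x5eed1234u  /* placeholder per-boot secret */
struct friend_entry { uint32_t addr, seen; int used; };
static struct friend_entry friends[SLOTS];
static unsigned half_open;      /* connection state the server has allocated */

/* Multiplicative hash; the top 8 bits select one of the 256 slots. */
static struct friend_entry *slot(uint32_t a) { return &friends[(a * 2654435761u) >> 24]; }

/* Toy integer mix standing in for a keyed hash; not cryptographic. */
static uint32_t probe_cookie(uint32_t addr) {
    uint32_t h = addr ^ SECRET;
    h ^= h >> 16; h *= 0x45d9f3bu; h ^= h >> 16;
    return h;
}

/* SYN: 1 = on the Friends Table, handled as ordinary TCP (state allocated);
 * 0 = unknown sender, probe ACK with *probe_ack sent, nothing stored. */
int tcp2e_on_syn(uint32_t addr, uint32_t now, uint32_t *probe_ack) {
    struct friend_entry *e = slot(addr);
    if (e->used && e->addr == addr && now - e->seen <= FRIEND_TTL) {
        half_open++;
        return 1;
    }
    *probe_ack = probe_cookie(addr);
    return 0;
}

/* RST: a host answering an unacceptable ACK resets with seq = that ACK's
 * ack field (RFC 793), so the cookie is recomputed instead of remembered. */
int tcp2e_on_rst(uint32_t addr, uint32_t rst_seq, uint32_t now) {
    if (rst_seq != probe_cookie(addr))
        return 0;               /* not an answer to our probe: ignore */
    *slot(addr) = (struct friend_entry){ addr, now, 1 };
    return 1;
}

int main(void) {
    uint32_t ack = 0, c = 0xC0000201u;   /* 192.0.2.1, constructed client */
    int first = tcp2e_on_syn(c, 0, &ack);
    tcp2e_on_rst(c, ack, 0);
    printf("first SYN: %d, retried SYN: %d\n", first, tcp2e_on_syn(c, 1, &ack));
    return 0;
}
```

Without the cookie check, a forged RST would be enough to put a spoofed address on the table, which is why the model ties the reset to the probe.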
