First page Back Continue Last page Overview Graphics
Denial of Service (DoS attacks)
Saturate the host's network link
- Service degradation for legitimate users
- Blast a host (or subnet, or domain, or AS) off the Internet!
- # ping -f <victim_IP>
- Limit rate of requests with netfilter
Fill the victim's TCP connection queue with SYNs
- TCP SYN cookies defend against that
- echo 1 > /proc/sys/net/ipv4/tcp_syncookies
Notes:
D.J.Bernstein's SYN cookies page:
http://cr.yp.to/syncookies