> There are a few problems with this. Here are a few I've just come up with
> off the top of my head.
> 1. I'm not aware of any term servers which could do this. (admittedly this
> is a weak one)
I don't know any either. But, this shouldn't be *that* hard to create.
> 2. unless your 'smart term server' is VERY smart(spendy) it will break
> protocols like FTP (which passes IP and port _inside_ the packets)
you should be able to parse off the port.
> 3. some (many) ISP's and schools assign static IP's per user. (this probably
> doesn't matter)
> 4. your objective could be achieved much much more easily by having the term
> server filter and drop packets not from the IP address assigned. (and using
> today's term servers)
> Another problem is with your assumptions. Were I to launch such an attack,
> I'd use compromised, fast connected machines with 'cron' not my own
> traceable dialup. Most educational institutions have machines connected to
> the net, which students in programming classes have plenty of access to, for
> this sort of attack.
> You seem to assume these are teenage miscreants rather than folks with a
> serious economic incentive. I'm not sure that's reasonable. Surely today,
> with the recent publishing of code, lots of wannabes will try it out, but
> until we figure out a good way around it
The SYN denial of service attack is targeted to incapacitate the trusted
host of a server. By taking the trusted server off line through floods, the
attacker can spoof the address of the trusted server and gain access to any
host it serves. The attack on the NY ISP seems to be just an effort to
trash that ISP, not to find trade secrets or change the Dept. of Justice Home
> (perhaps a different way for TCP
> buffers to be allocated ?) we're all vulnerable. If I secure the few
> thousand dialup ports I can, I'm only a small bit more protected than I was.
> The other few million out there are still wide open. I cannot imagine that
> this could be universally enforced.
> Just my $.02
R. Todd Truitt Todd .
Evolving Systems, Inc.