LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: Repeat sequence number on TCP with SYN bit

from [Joseph Mack] [Permanent Link]
To: Kyle Sparger <ksparger@xxxxxxxxxxxxxxxxxxxx>
Subject: Re: Repeat sequence number on TCP with SYN bit
Cc: lvs-users@xxxxxxxxxxxxxxxxxxxxxx
From: Joseph Mack <mack@xxxxxxxxxxx>
Date: Thu, 10 Aug 2000 07:13:36 -0400 (EDT) 
On Thu, 10 Aug 2000, Kyle Sparger wrote:

nice idea. what are the sequence numbers in a SYN flood attack?

Joe

> It occured to me that if we were to keep track of not only SYNs, but their
> sequence numbers, we could possibly very easily detect when a TCP based
> real server is having problems by noticing that we've seen that sequence
> number in a SYN from that host not too long ago, and either remove that
> server from the pool, or (more likely) notify userspace for appropriate
> handling.

--
Joseph Mack mack@xxxxxxxxxxx
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Repeat sequence number on TCP with SYN bit, Kyle Sparger
Next by Date:  Re: Repeat sequence number on TCP with SYN bit, Ted Pavlic
Previous by Thread:  Repeat sequence number on TCP with SYN bit, Kyle Sparger
Next by Thread:  Re: Repeat sequence number on TCP with SYN bit, Ted Pavlic
Indexes:  [Date] [Thread] [Top] [All Lists]