Other possible protection against RST/SYN attacks

Neo-Vortex root at Neo-Vortex.Ath.Cx
Thu Apr 22 01:00:20 PDT 2004


Here's my view on this whole thing and a solution to it:

Take a step back from the problem: how is it caused? Spoofing of packets.
Numerous vulnerabilities come from spoofed packets, and no doubt there
will be more to come.

If the ability to spoof packets on the internet was stopped, it would be
much easier to fight such things, because they would not be possible.

How to stop the spoofing? Get ISPs to allow their customers to only send
IP packets with the src address the same as their allocated IP(s) and drop
the rest.

If they all took the time to implement this, they would not have to worry
so much about patches later on because the probability of the packets
being spoofed becomes so low.

This could also be implemented on a higher level too (as in the higher
level ISPs doing similar stuff).
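
The source-address check proposed in the message above, as an added example that is not part of the original post and is not any ISP's or FreeBSD's own code: an edge device forwards a packet from a customer port only if its IPv4 source address lies inside that customer's allocation. The port names, prefixes and helper functions are assumptions constructed for illustration.

```python
import ipaddress
import struct

# Constructed allocation table: customer-facing port -> prefixes assigned to it.
ALLOCATIONS = {
    "cust-a": [ipaddress.ip_network("198.51.100.0/29")],
    "cust-b": [ipaddress.ip_network("203.0.113.42/32")],
}

TCP_SYN, TCP_RST = 0x02, 0x04


def ipv4_source(packet: bytes) -> ipaddress.IPv4Address:
    """Extract the source address from a raw IPv4 header, rejecting malformed input."""
    if len(packet) < 20:
        raise ValueError("truncated IPv4 header")
    version, ihl = packet[0] >> 4, packet[0] & 0x0F
    if version != 4 or ihl < 5 or len(packet) < ihl * 4:
        raise ValueError("not a valid IPv4 header")
    return ipaddress.IPv4Address(packet[12:16])


def permit(port: str, packet: bytes) -> bool:
    """Forward only if the source address belongs to the customer on this port."""
    try:
        src = ipv4_source(packet)
    except ValueError:
        return False  # malformed packets are dropped, never forwarded
    return any(src in net for net in ALLOCATIONS.get(port, []))


def build_tcp_packet(src: str, dst: str, flags: int) -> bytes:
    """Constructed test input: minimal IPv4 + TCP headers (checksums left zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, 6, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    tcp = struct.pack("!HHIIBBHHH", 40000, 12345, 0, 0, 5 << 4, flags, 0, 0, 0)
    return ip + tcp


if __name__ == "__main__":
    samples = [
        ("cust-a", build_tcp_packet("198.51.100.3", "192.0.2.10", TCP_SYN)),
        ("cust-a", build_tcp_packet("192.0.2.77", "192.0.2.10", TCP_RST)),
    ]
    for port, pkt in samples:
        print(port, ipv4_source(pkt), "forward" if permit(port, pkt) else "drop")
```

The decision depends only on the arrival port and the source address, so a RST or SYN carrying someone else's address is dropped at the first hop regardless of its TCP contents.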


More information about the freebsd-security mailing list