New Denial of Service Attack on Panix

Dima Volodin writes:

Now can I hold my breath waiting for vendors to incorporate this stuff
into their products? Has anybody heard anything from Sun on this
matter?

I know for a fact that Sun is actively working on patches.

Perry

Dima Volodin writes:

Now can I hold my breath waiting for vendors to incorporate this stuff
into their products?

At least BSDI, Sun, SGI, and HP are working on TCP SYN hardening.
(yes, cisco is also on top of things :-).

I have no data on what might be up at other vendors.

Ran
rja@cisco.com

the linux ip folk have released at least one patch (available near
http://www.uk.linux.org/NetNews.html) that holds off the problem for a
bit. it has a larger infant connection queue and drops some off the end
if its under attack. There has also been some talk of doing much more
'sneaky' stuff. i.e. encoding cookies in rsts instead of sending
synacks..

zach