More or less. When doing a sequence number guessing attack, one of the
problems faced by the attacker is preventing the spoofed machine from
replying with an RST to the SYN+AC for a connection it knows nothing
about. Morris's original version used a low-rate SYN flood that
exploited a bug in the BSD kernel to effectively gag a low-numbered
port. His paper can be found at
This isn't the same weakness that was exploited by the early SYN
floods, but it took advantage of the same limit on half-open

    --Steve Bellovin,