Re: More problems with NOVM version

From: Martin Ibert <>
Date: Fri, 24 Jan 1997 12:48:14 +0100

Miguel A.L. Paraz wrote:

> Martin Ibert wrote:
> > Great. A classic "SYN flood" attack, but this time by accident rather
> > than by maliciuos design.
> Strange considering there aren't any changes (I think) in the network
> code, but in the storage. Side effect of running out of FDs perhaps?

It's not squid's fault at all. It's not even the operating system's
fault. _Any_ TCP-based application on _any_ operating system (1) should
have the same problem. If lots and lots of connection requests come in,
but the acknowledgements all fall into a black hole, the TCP/IP
subsystem drowns in pending connections.

(1) Okay, apart from those that have been specifically hardened against
SYN floods by implementing connection establishment in a, err, rather
unusual way.

Dipl.-Inform. Martin Ibert, BB-DATA GmbH, phone: +49-30-245-56582
Brunnenstraße 111, D-13355 Berlin, Germany, fax: +49-30-245-56577
Received on Fri Jan 24 1997 - 04:12:48 MST

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:34:10 MST