Miguel A.L. Paraz wrote:
> Martin Ibert wrote:
> > Great. A classic "SYN flood" attack, but this time by accident rather
> > than by maliciuos design.
>
> Strange considering there aren't any changes (I think) in the network
> code, but in the storage. Side effect of running out of FDs perhaps?
It's not squid's fault at all. It's not even the operating system's
fault. _Any_ TCP-based application on _any_ operating system (1) should
have the same problem. If lots and lots of connection requests come in,
but the acknowledgements all fall into a black hole, the TCP/IP
subsystem drowns in pending connections.
(1) Okay, apart from those that have been specifically hardened against
SYN floods by implementing connection establishment in a, err, rather
unusual way.
-- ----------------------------------------------------------------- Dipl.-Inform. Martin Ibert, BB-DATA GmbH, phone: +49-30-245-56582 Brunnenstraße 111, D-13355 Berlin, Germany, fax: +49-30-245-56577 --------------------------------------- mailto:mib@ppe.bb-data.deReceived on Fri Jan 24 1997 - 04:12:48 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:34:10 MST