On Mon, 11 Mar 2019, Pedro David Marco wrote:
Not a long time ago someone in the list mentioned an interesting antiDos mitigation technique consisting in "playing" with attackers TCP windows sizes... (as far as i remember)... but i cannot find the post with the name of the tehcnique :-( Please, if someone remembers the name of the technique, tell me off-list..
It's not so much an anti-DoS technique as a way to waste the attacker's resources with minimum investment of *your* resources - for example, if you have a spammer from a predictable IP who is persistent even in the face of 100% SMTP rejects of anything from that IP.
The term is "TCP Tarpit". -- John Hardin KA7OHZ http://www.impsec.org/~jhardin/ jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79 ----------------------------------------------------------------------- Maxim XI: Everything is air-droppable at least once. ----------------------------------------------------------------------- 2 days until Albert Einstein's 140th Birthday
