|
| |||||||
| Register | FAQ | The Twelve Commandments | Members List | Calendar | Arcade | Find the Best VPN | Today's Posts | Search |
| General Discussion For anything which doesn't fit somewhere else (for PHEX users) |
 |
| | LinkBack | Thread Tools | Display Modes |
January 15th, 2008
| |||
| |||
 Phex and Reset Packets I would think that the software (Phex, in particular) would have to be written to look for the reset packets, or at least written to handle them differently than it does right now. From what I've seen, the attackers are able to terminate maybe 90% of incoming packets by altering them. On a busy machine with a fat connection, that percentage would likely drop. I don't doubt that you can make Phex reject all reset packets, but that would compromise the overall TCP structure. Not a good solution, as it would introduce a high level of errors (or the potential) in the system. Ideally, you'd want to change the software to reject BOGUS reset packets, but, as Aaron has pointed out, the bad ones look just like good ones. Perhaps it is possible instead to have Phex spend less time dealing with the reset packets, which would free up more processing time (and incoming slots) to deal with the legit requests coming through. Something to ponder, anyway. Cheers, Nick  |
|
January 17th, 2008
| ||||
| ||||
| I forwarded your message to our lead dev (gregor_k).
__________________  -> put this banner into your own signature! <- -- Erst im Spiel lebt der Mensch. Nur ludantaj homoj vivas. GnuFU.net - Gnutella For Users Draketo.de - Shortstories, Poems, Music and strange Ideas. |
|
January 18th, 2008
| ||||
| ||||
| For Phex, the TCP management is done in the OS, so we can't (easily) access it. Are there firewalls which can be cconfigured to kill out excess RST headers easily?
__________________ -> put this banner into your own signature! <- -- Erst im Spiel lebt der Mensch. Nur ludantaj homoj vivas. GnuFU.net - Gnutella For Users Draketo.de - Shortstories, Poems, Music and strange Ideas. |
|
January 18th, 2008
| |||
| |||
| Firewalls and TCP (and Phex) I don't know of any under a Windows environment - not even with Win Server 2003. There are in Linux, though, at least in my version (RHEL - Red Hat Enterprise Linux). The Linux version of Phex runs fine under it, but I know most people are running a Win variant (as am I, on most of my systems). I will talk to some of my guys who are more TCP/IP literate than I am, and see what they have to say. Unfortunately, if you stay in IT long enough, eventually everyone else does the work and you just sit around signing things.  By the way, Cox has ceased their attack, at least for now. They kept it up for nearly a week. Cheers, Nick |
|
| |
Linear Mode
