13 May
2004
13 May
'04
2:11 p.m.
On 13-mei-04, at 19:48, Steven M. Bellovin wrote:
The same document that fully ignores that port number randomness will severely limit the risk of susceptibility to such an attack?
How many zombies would it take to search the port number space exhaustively?
How many route processors does it take to look at the packets from all those zombies? This very quickly becomes a DoS against the route processor rather than a TCP exploit.