--> -->um... maybe i'm missing the clue here, but if the router vendors add -->something that shuts down an interface if the SYN/SYN-ACK/ACK ratio -->becomes too bad make it *easier* for me if i'm doing a denial of service -->attack on a host? --> -->instead of denying service to a given host, all i have to do is drive -->the router into alarm mode so it shuts off the interface and then i get -->to deny service to an entire segment and everything downstream from that -->segment... --> -->here's to better bang for your cracker-kiddie buck... -->--regis -->> --> That could potentially take out a pop, as each interface goes down due to an attack. -- ------------------------------------------- | Jeremy Hall Network Engineer | | ISDN-Net, Inc Office +1-615-371-1625 | | Nashville, TN and the southeast USA | | jhall@isdn.net Pager +1-615-702-0750 | -------------------------------------------