[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ISSForum] Stream_DoS signature

In its security information that can be found on
http://www.iss.net/security_center/reference/vuln/Stream_DoS.htm, it's
noted that signature only considers ACK packets that are not associated
with an active connection.

But I've found that this signature is triggered whenever the number of ACKs
exceed the pam.flood.ack.limit threshold within pam.flood.ack.interval

Has anyone found the same? Please, correct me if I'm wrong.

Best regards, Sergey V. Soldatov.
tel/fax +7 095 745 89 50 (2663)

ISSForum mailing list

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum

To contact the ISSForum Moderator, send email to mod-issforum@xxxxxxx

The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.