>
> Andi Kleen writes:
> > It's mostly for security to make it more difficult to nuke connections
> > without knowing the sequence number.
> >
> > Remember RFC is from a very different internet with much less DoS attacks.
>
> Andi, one of the worst DoSs in the world is not being able to
> communicate with half of the systems out there.
>
> BSD and Solaris both make these kinds of packets, therefore it is must
> to handle them properly. So we will fix Linux, there is no argument.
Hang on... From what was quoted of the RFC, this behaviour (accepting
these packets) isn't required of hosts? In which case, if BSD or Solaris
depend on it, THEY are violating the protocol, not Linux??
James.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
Please read the FAQ at http://www.tux.org/lkml/