Collected sources and patterns will appear here. Add from search, explore, or the patterns library.
HandshakeRequest -> CookieChallenge
Respond to unauthenticated connection requests with a cryptographic cookie containing IP/timestamp MACs, delaying memory allocation until the initiator echoes it back.
Problem it solves
Responders allocating handshake state immediately upon packet receipt are highly susceptible to denial-of-service (DoS) memory exhaustion attacks.
Consumes
Emits
The real projects this mechanism was found in. Attribution is the point — this is how the best teams actually do it.