January 15th, 2008
Nick Storm
Phex and Reset Packets

I would think that the software (Phex, in particular) would have to be written to look for the reset packets, or at least written to handle them differently than it does right now.

From what I've seen, the attackers are able to terminate maybe 90% of incoming packets by altering them. On a busy machine with a fat connection, that percentage would likely drop. I don't doubt that you can make Phex reject all reset packets, but that would compromise the overall TCP structure. Not a good solution, as it would introduce a high level of errors (or the potential) in the system.

Ideally, you'd want to change the software to reject BOGUS reset packets, but, as Aaron has pointed out, the bad ones look just like good ones. Perhaps it is possible instead to have Phex spend less time dealing with the reset packets, which would free up more processing time (and incoming slots) to deal with the legit requests coming through.

Something to ponder, anyway.

Cheers,

Nick
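How a TCP reset surfaces to an application-level program, as an added example that is not part of the original post or of Phex. It assumes a loopback connection and uses `SO_LINGER` with a zero timeout so the local stack emits a genuine RST; the function name `observe_close` is hypothetical.

```python
import errno
import socket
import struct
import threading


def observe_close(abortive: bool) -> str:
    """Connect to a loopback peer and report how its close reaches the application."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind(("127.0.0.1", 0))      # constructed local endpoint, ephemeral port
    srv.listen(1)

    def peer():
        conn, _ = srv.accept()
        conn.recv(16)               # consume the client's bytes first
        if abortive:
            # l_onoff=1, l_linger=0 (Linux/macOS struct layout):
            # close() then aborts the connection with a RST
            conn.setsockopt(socket.SOL_SOCKET, socket.SO_LINGER,
                            struct.pack("ii", 1, 0))
        conn.close()                # without the option this is an orderly FIN

    t = threading.Thread(target=peer)
    t.start()
    cli = socket.create_connection(srv.getsockname(), timeout=5)
    try:
        cli.sendall(b"ping")
        data = cli.recv(1024)
        outcome = "EOF" if data == b"" else "data"
    except OSError as exc:
        # The OS hands the application an errno, not the packet that caused it
        outcome = errno.errorcode.get(exc.errno, "UNKNOWN")
    finally:
        cli.close()
        t.join()
        srv.close()
    return outcome


if __name__ == "__main__":
    print("orderly close:", observe_close(abortive=False))
    print("reset        :", observe_close(abortive=True))
```

The socket API reports only the error code; the segment's headers never reach the program through it.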