CK’s that contain no data are not reliably transmitted by TCP. If zero window probing is not supported, a connection may hang forever when an ACK segment that re-opens the window is lost. This type of attack has been realized since 2006. This means that an application or firewall must selectively abort TCP connections that appear malicious by staying in the persist state and consume large amounts of resources.

I like the description of spending a friday night spent geeking out. It makes me miss my old viewsonic 21″ CRT that I got for ninety-nine bucks from a busted dot com venture capital business back in the 90’s.