Re: netbase 3.16-10 and TCP SYN cookies being enabled by default
On Sat, Feb 12, 2000 at 12:26:30PM -0600, David Starner wrote:
> Maybe I don't understand here. If you enable syncookies in the kernel,
> why would not want to use them? Or are they compiled into the default
> kernels?
Because the kernel is turning them on automatcally if (and only if) the
kernel recognices a SYN Attack ("possible SYN flooding on port %d. Sending
cookies.").
We should not overwrite kernel defaults without good reason or without
asking the user about it. Especially not if it makes no sense and breaks
communication.
Greetings
Bernd
--
(OO) -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
( .. ) ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
o--o *plush* 2048/93600EFD eckes@irc +497257930613 BE5-RIPE
(O____O) When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!
Reply to: