Re: netbase 3.16-10 and TCP SYN cookies being enabled by default

To: debian-devel@lists.debian.org
Subject: Re: netbase 3.16-10 and TCP SYN cookies being enabled by default
From: Bernd Eckenfels <lists@lina.inka.de>
Date: Tue, 15 Feb 2000 21:52:57 +0100
Message-id: <20000215215257.A29620@lina.inka.de>
In-reply-to: <20000215091540.B7297@godzillah.rivendell.sol>; from hmh+debianml@rcm.org.br on Tue, Feb 15, 2000 at 09:15:40AM -0200
References: <20000212112903.A6415@godzillah.rivendell.sol> <20000215091540.B7297@godzillah.rivendell.sol>

On Tue, Feb 15, 2000 at 09:15:40AM -0200, Henrique M Holschuh wrote:
> Important bug #58141 filled against netbase, requesting to either document
> and allow configuration of new behaviour, or to revert to previous behaviour
> (do not touch SYN cookies status).

Okay, its right, the kernel uses syncookies only if a syn flood is using up
all ressources (or a heavy loaded server is configured wrong) and the sysctl
is turned on. To Check if your system would have generated syncookies
already it might help to look at the

tcp_statistics.TcpAttemptFails++;

snmp counter:

netstat -s | grep "failed conn"

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +497257930613  BE5-RIPE
(O____O)  When cryptography is outlawed, bayl bhgynjf jvyy unir cevinpl!

Reply to:

References:
- netbase 3.16-10 and TCP SYN cookies being enabled by default
  - From: Henrique M Holschuh <hmh+debianml@rcm.org.br>
- Re: netbase 3.16-10 and TCP SYN cookies being enabled by default
  - From: Henrique M Holschuh <hmh+debianml@rcm.org.br>

Prev by Date: ITP: unixODBC
Next by Date: Re: /dev/log
Previous by thread: Re: netbase 3.16-10 and TCP SYN cookies being enabled by default
Next by thread: Re: mingetty allows control c
Index(es):
- Date
- Thread