[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: tcp syn flood and /proc configuration

On Wed, May 08, 2002 at 01:45:32AM +0800, Patrick Hsieh wrote:
> But this option seems to bring some side-effect. Is there any
> alternative?

imho the better way is to use syncookie.
problems written on the ip-sysctl documentation are more or less normal.
there's not a very good way to know if it's a syn flood or not, except
on underload servers. for highly load servers (many new connection at
once), I can't help.


To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: