Re: tcp syn flood and /proc configuration

To: Patrick Hsieh <pahud@pahud.net>
Cc: debian-security@lists.debian.org
Subject: Re: tcp syn flood and /proc configuration
From: Vincent Hanquez <tab@crans.org>
Date: Tue, 7 May 2002 20:08:05 +0200
Message-id: <[🔎] 20020507180805.GA3949@darwin.crans.org>
In-reply-to: <[🔎] 20020508014300.1E94.PAHUD@pahud.net>
References: <[🔎] 20020507222434.3BA0.PAHUD@pahud.net> <[🔎] 20020507153912.GA1184@darwin.crans.org> <[🔎] 20020508014300.1E94.PAHUD@pahud.net>

On Wed, May 08, 2002 at 01:45:32AM +0800, Patrick Hsieh wrote:
> 
> But this option seems to bring some side-effect. Is there any
> alternative?

imho the better way is to use syncookie.
problems written on the ip-sysctl documentation are more or less normal.
there's not a very good way to know if it's a syn flood or not, except
on underload servers. for highly load servers (many new connection at
once), I can't help.

-- 
Tab

-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- tcp syn flood and /proc configuration
  - From: Patrick Hsieh <pahud@pahud.net>
- Re: tcp syn flood and /proc configuration
  - From: Vincent Hanquez <tab@crans.org>
- Re: tcp syn flood and /proc configuration
  - From: Patrick Hsieh <pahud@pahud.net>

Prev by Date: Re: tcp syn flood and /proc configuration
Next by Date: Re: html spam
Previous by thread: Re: tcp syn flood and /proc configuration
Next by thread: Re: tcp syn flood and /proc configuration
Index(es):
- Date
- Thread