Subject: Re: 6+ Mbps SYN flood causing Alpha 500a Workstation box to lock up.
To: Laurence Brockman <L.Brockman@videon.ca>
From: GNU Order <firstname.lastname@example.org>
Date: 10/03/2001 19:34:26
I dont know what netBSD has but linux has SYN cookies that helps against that
kind of attack. It doesn't stop the attack but it allows for new connections
while you block the source's of the attack.
On Tuesday 02 October 2001 16:01, you wrote:
> Haven't done too much investigation into this, but we have a workstation
> box running ircd on efnet (Runs fairly well). Recently we've been getting
> hit with an interesting DoS... We get hit with a whole bunch of SYN packets
> (As it says in subject, 6+ Mbps). This causes the box to totally stop
> processing ANY packets, both on that interface and on another interface.
> This box is running 1.5.1 with 256 megs of ram. I'm wondering if anyone has
> encountered this before? And if so how they fixed it? Also, would upgrading
> to 1.5.2 fix this problem?
> Laurence Brockman
> Unix Administrator
> Shaw CableSystems G.P.
> (780) 486-6527