On Wed, Oct 03, 2001 at 07:34:26PM -0400, GNU Order wrote:

 > I dont know what netBSD has but linux has SYN cookies that helps against that 
 > kind of attack.  It doesn't stop the attack but it allows for new connections 
 > while you block the source's of the attack.

NetBSD actually has syn flood protection, in the form of a compressed
state engine for passive TCP opens.

I'm not sure why its not helping in Laurence's case -- I have tested it
w/ multiple 100Mb/s syn flood attackers.

Perhaps the outside link is being saturated?

-- 
        -- Jason R. Thorpe <thorpej@wasabisystems.com>