Subject: Re: 6+ Mbps SYN flood causing Alpha 500a Workstation box to lock up.
To: GNU Order <firstname.lastname@example.org>
From: Jason R Thorpe <email@example.com>
Date: 10/03/2001 17:08:16
On Wed, Oct 03, 2001 at 07:34:26PM -0400, GNU Order wrote:
> I dont know what netBSD has but linux has SYN cookies that helps against that
> kind of attack. It doesn't stop the attack but it allows for new connections
> while you block the source's of the attack.
NetBSD actually has syn flood protection, in the form of a compressed
state engine for passive TCP opens.
I'm not sure why its not helping in Laurence's case -- I have tested it
w/ multiple 100Mb/s syn flood attackers.
Perhaps the outside link is being saturated?
-- Jason R. Thorpe <firstname.lastname@example.org>