Subject: Re: 6+ Mbps SYN flood causing Alpha 500a Workstation box to lock up.
To: GNU Order <>
From: Jason R Thorpe <>
List: port-alpha
Date: 10/03/2001 17:08:16
On Wed, Oct 03, 2001 at 07:34:26PM -0400, GNU Order wrote:

 > I dont know what netBSD has but linux has SYN cookies that helps against that 
 > kind of attack.  It doesn't stop the attack but it allows for new connections 
 > while you block the source's of the attack.

NetBSD actually has syn flood protection, in the form of a compressed
state engine for passive TCP opens.

I'm not sure why its not helping in Laurence's case -- I have tested it
w/ multiple 100Mb/s syn flood attackers.

Perhaps the outside link is being saturated?

        -- Jason R. Thorpe <>