Subject: syn flooding handling ..
To: None <,>
From: Murhy Paul <>
List: tech-security
Date: 03/18/2004 14:46:14

I am new to NetBSD and was looking at it with respect to SYN flooding attack 
handling for some reason.

Unfortunately I don't have direct access to a NetBSD machine right now, so 
could somebody please give me answers to these questions:

From the very little I know, there is no definite fail-proof solution to syn 
Best or most widely used being SYN cookies / RST cookies ..
I was looking at the source code, and the tcp_input.c file does have all the SYN 
cache handling.
But, being new, I wanted to know if that is on by default 
(the version I am looking at is 1.6.1), 
or does it have to be turned on? Are there variables one can play with in this regard? 
Can limits be set per port / service?

And how well / what is the behaviour of NetBSD when a default installation 
is put in front of a spoofed IP SYN attack?

Please ignore my naiveness; I don't have any hands-on experience w.r.t. NetBSD 
security handling / patches.

