Subject: syn flooding handling ..
To: None <netbsd-help@netbsd.org, tech-security@netbsd.org>
From: Murhy Paul <learning_netbsd@hotmail.com>
List: netbsd-help
Date: 03/18/2004 14:46:14
Hi,

I am new to NetBSD and was looking at it with respect to syn flooding attack 
handling for some reason.

Unfortunately I dont have direct access to a netbsd machine right now and so 
if somebody could please give me answer to these questions:

From very little I know there is no definite fail proof solution to syn 
attacks.
Best or most widely used being syn cookies / rst cookies ..
I was looking at the source code and tcp_input.c file does have all syn 
cache handling.
But, being new wanted to know if that is on by default.
( version I am looking onto is 1.6.1 .. )
or does it have to be turned on, variables one can play with in this regard 
??
can limits be set per port / service ??

And how well / what is the behaviour of netbsd when a default installation 
is put in front a spoofed ip syn attack ?

Please ignore my naiveness, I dont have any hands on experience w.r.t netbsd 
security handling / patches.

Regards,

_________________________________________________________________
Get head-hunted by 10,000 recruiters. http://go.msnserver.com/IN/44798.asp 
Post your CV on naukri.com today.