Re: Curious: syncookies ready for distributed syn flooding?

• Next message: Alex Buell: "[OT] PowerEdge 6300 w/ PERC 2/SC controller"
• Previous message: s-sumi@trc.rwcp.or.jp: "Re: Compaq SMP problem (PLUG list repost with updates)"
• In reply to: Alan Cox: "Re: Curious: syncookies ready for distributed syn flooding?"
• Next in thread: Alan Cox: "Re: Curious: syncookies ready for distributed syn flooding?"
• Reply: Alan Cox: "Re: Curious: syncookies ready for distributed syn flooding?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 2000-06-10T22:09:01,
   Alan Cox <alan@lxorguk.ukuu.org.uk> said:

> I'd actually be tempted to implement syn cookies on the firewall and do a
> proxy session, even if I did it purely kernel space.

This could be an add-on to NAT/masquerading, since we already track connection
status there anyway. (Meaning we don't open an additional channel to run our
firewall out of memory with state data, but only "beef up" an already existing
one)

Sincerely,
    Lars Marowsky-Brée <lmb@suse.de>
    Development HA

-- 
Perfection is our goal, excellence will be tolerated. -- J. Yahl
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/

• Next message: Alex Buell: "[OT] PowerEdge 6300 w/ PERC 2/SC controller"
• Previous message: s-sumi@trc.rwcp.or.jp: "Re: Compaq SMP problem (PLUG list repost with updates)"
• In reply to: Alan Cox: "Re: Curious: syncookies ready for distributed syn flooding?"
• Next in thread: Alan Cox: "Re: Curious: syncookies ready for distributed syn flooding?"
• Reply: Alan Cox: "Re: Curious: syncookies ready for distributed syn flooding?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Thu Jun 15 2000 - 21:00:25 EST