[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]
Re: Network security enhancement
On Sat, 3 Feb 2001, Sunil Dhaka wrote:
> The first query is a default setting in the sysctl.conf file
> # Enable TCP SYN Cookie Protection net.ipv4.tcp_syncookies = 1 A SYN
> Attack is a denial of service attack that consumes all the resources
> on your machine, forcing you to reboot. It is achievable from
> internal internal resources or external connections
> A TCP SYN cookie is a well known exploit and this feature
I believe the stuff being referred to is called `TCP SYN flooding'
And, this is what the (in)famous D. J. Bernstein has to say about SYN
Also take a look at the stuff titled `SYN flood protection' in the file
Documentation/Configure.help in the kernel source.
> enables TCP SYN cookie protection
> -- Sunil Dhaka in search of Linux enlightenment