TCP RST handling in 6.0
Marc Olzheim
marcolz at stack.nl
Tue Nov 8 14:09:50 PST 2005
On Tue, Nov 08, 2005 at 01:56:41PM -0800, Lars Eggert wrote:
> On Nov 8, 2005, at 12:46, Marc Olzheim wrote:
> >Being on the wrong end of a distributed tcp syn flood attack atm.
> >on the
> >machine I'm mailing from, is probably enough to convince me of its
> >use.
>
> The change we are discussing is not protecting you from SYN floods,
> it is supposed to protect you from spoofed RSTs.
Whoops, indeed, I misread. Well then, still glad to inform you that I'm
happy with the performance of the machine under a synflood attack :-P
Marc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-net/attachments/20051108/904c70f9/attachment.bin
More information about the freebsd-net
mailing list