* [ECOS] BSD TCP/IP Stack & SYN Flooding
@ 2009-05-25 8:15 Rene Nielsen
0 siblings, 0 replies; only message in thread
From: Rene Nielsen @ 2009-05-25 8:15 UTC (permalink / raw)
To: ecos-discuss
Hi folks,
I have a question regarding TCP SYN Flooding attacks.
To my understanding these attacks come in two flavors:
1) The attacker sends SYN packets only, leaving the connection
half-open.
2) The attacker sends SYN packets and ACKs the SYN-ACK from the server,
effectively opening the connection (this is probably not a real SYN
flood attack, but nevertheless it takes server-side resources...).
Are there any remedies in the eCos' BSD TCP/IP stack to overcome such
attacks (e.g. SYN cache/cookies as suggested by RFC4987 to remedy attack
type #1, timeouts, etc.)?
Regards,
Rene Schipp von Branitz Nielsen
Vitesse Semiconductors
--
Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2009-05-25 8:15 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-05-25 8:15 [ECOS] BSD TCP/IP Stack & SYN Flooding Rene Nielsen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).