Date: Fri, 14 Jul 2000 00:38:35 +0100 From: Adam Ford <adam@cortina.fordys.net> To: freebsd-questions@freebsd.org Subject: SYN Cookies & DoS attacks. Message-ID: <20000714003835.A5077@cortina.fordys.net>
next in thread | raw e-mail | index | archive | help
Hi there,
I admin quite a few FreeBSD machines for a small ISP, unfortunately our
IRC server is receiving quite a few annoying DoS attacks lately.
My question is - linux appears to have SYN Cookies, which can be enabled,
to help prevent SYN flooding.
Does FreeBSD have any similar thing that can be enabled? I've spent 2 hours
searching the net/freebsd.org/mailing list archives and I can't find nada! :)
I found this option to add to the kernel;
options TCP_DROP_SYNFIN
However I think this just kinda allows the identity of the machine to be
hidden (ie, that its a FreeBSD box).
Anyone any ideas?
Linux I know shouts about SYN cookies quite a lot; they're not enabled
by default. But FreeBSD - hrrrm, seems to be not mentioned!! :)
Any help greatly appreciated,
Thanks,
[Please Please CC responses to me privately]
--
Adam Ford: adam@cortina.fordys.net
"Cum Varie Tum Semper In Stercori"
"Dont dream it, be it."
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000714003835.A5077>