On 9/23/05, Abdul Aziz <aaziz at justbooking dot com> wrote:
> Dear all
> how to address TCP SYN flooding on a m0n0?
The current ipfilter version in m0n0wall provides no support for this,
so you have to use host-based measures. Not sure if any newer
ipfilter has anything like this, pf has synproxy for this purpose.
It's something we'll probably see in the future.
Besides, unless you're running a 45+ Mb Internet connection, basically
any script kiddie could DDoS you off the net. SYN flooding doesn't
seem to be all that popular in comparison to DDoS since everybody and
their brother seems to control a botnet these days.