[ previous ] [ next ] [ threads ]
 
 From:  Chris Buechler <cbuechler at gmail dot com>
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] TCP SYN flooding
 Date:  Fri, 23 Sep 2005 09:20:47 -0400
On 9/23/05, Abdul Aziz <aaziz at justbooking dot com> wrote:
>
>
> Dear all
>
> how to address TCP SYN flooding on a m0n0?
>

The current ipfilter version in m0n0wall provides no support for this,
so you have to use host-based measures.  Not sure if any newer
ipfilter has anything like this, pf has synproxy for this purpose. 
It's something we'll probably see in the future.

Besides, unless you're running a 45+ Mb Internet connection, basically
any script kiddie could DDoS you off the net.  SYN flooding doesn't
seem to be all that popular in comparison to DDoS since everybody and
their brother seems to control a botnet these days.

-Chris