That was my understanding so far. So then I haven't gone crazy, thank god.
> I don't think these statements are entirely true. While it is true that
> you can't use things like window scaling or SACK - syncookies 100%
> successfully stop syn flood attacks.
Someone needs to adjust the text then.
> The attack is that if you fill the syn backlog queue with bogus requests
> then legitimate clients can no longer connect. The syn flood attack
> isn't "your legitimate connections wont be able to use window scaling".
I completely agree with this definition of SYN flooding and then I will
also say that you can 'stop' SYN flooding, well, at least you give
legitimate clients a real chance to still successfully connect to your
service, while it is under a SYN flood. I think we agree now. It should
only be remarked that the line is still flooded, thus the wording "100
stop SYN flood" is simply inappropriate in my eyes. It's all a matter of
definition.
Regards,
Roberto Nibali, ratz
-- echo '[q]sa[ln0=aln256%Pln256/snlbx]sb3135071790101768542287578439snlbxq'|dc- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/