Anything new here? I think the article you've linked to in sysctl.conf (http://lwn.net/Articles/277146/) can be seen as encouragement to enable syncookies, or not? It already says that they're only activated if the system runs into trouble, and then it's still better to have "limited connections" (in the sense that not all features work with syncookies) than none, right?
I think there was even somewhere some coments from Alan Cox which more or less implied that syncookies are still a good thing (the discussion was about whether to drop the code at all). Cheers, Chris.
smime.p7s
Description: S/MIME cryptographic signature