Hi folks, I have a question regarding TCP SYN Flooding attacks. To my understanding these attacks come in two flavors: 1) The attacker sends SYN packets only, leaving the connection half-open. 2) The attacker sends SYN packets and ACKs the SYN-ACK from the server, effectively opening the connection (this is probably not a real SYN flood attack, but nevertheless it takes server-side resources...).
Are there any remedies in the eCos' BSD TCP/IP stack to overcome such attacks (e.g. SYN cache/cookies as suggested by RFC4987 to remedy attack type #1, timeouts, etc.)? Regards, Rene Schipp von Branitz Nielsen Vitesse Semiconductors -- Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss
