+1.
Moved from Endian ~12 months ago now.
I’ve found ipfire to be close to like for like replacement, with an appropriate
level of community and developer support available when needed.
Just my 2c.
--JC
From: Matt Hayes [mailto:domin...@slackadelic.com]
Sent: Tuesday, 10 February 2015 3:02 AM
To: efw-user@lists.sourceforge.net
Subject: Re: [Efw-user] syn-flood prevention?
I'm only responding as most likely you will not get a response from Endian
themselves, I'm not sure why it is not working if you have syn flood protection
enabled already. I myself am slowly moving from Endian Firewall Community as
I'm not able to get any answers from Endian or their developers at all.
There are numerous security issues with the distribution specifically with SSH
and openssl. I'm moving to a more up to date and maintained firewall for my
needs.
Good luck.
On Mon, Feb 9, 2015 at 9:41 AM, Andre Mueller
<andre.muel...@himmel-blau.com<mailto:andre.muel...@himmel-blau.com>> wrote:
Endian 3.0.devel : Community Version
Hello
I have the problem that our Endian installation configured as a router
(public subnet on the orange zone) is attacked on the routers
WAN-interface (Red uplink) by massive syn-flood "requests".
As we have checked on our Endian syn_cookies are activated, so the first
perquisite for protection against syn-flood attacks is active. But the
problem is that our router does respond to every syn-flood request
(SYN_SENT) and by doing so it saturates our WAN-/upload-Line.
Is there any possibility that we can prevent our router to send out any
SYN-packet, whenever a certain amount of not acknowledged SYN-packets
have sent out to the very same IP-destination (but on different ports)?
I would be grateful for any hint. Thanks in advance, Andre
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Efw-user mailing list
Efw-user@lists.sourceforge.net<mailto:Efw-user@lists.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/efw-user
==== Charter Hall ========================
This e-mail message and any accompanying attachments may contain information
that is confidential and subject to legal privilege. If you are not the
intended recipient, do not read, use, disseminate, distribute or copy this
message or attachments. If you have received this message in error, please
advise Charter Hall by return e-mail or telephone (02) 8651 9000. Any views
expressed in this message are those of the individual sender, except where the
sender expressly and with authority states them to be the views of Charter
Hall. Charter Hall cannot guarantee that this e-mail or any attachments are
free of viruses or other conditions which may damage or interfere with data,
hardware or software with which it might be used.
======================================
------------------------------------------------------------------------------
Dive into the World of Parallel Programming. The Go Parallel Website,
sponsored by Intel and developed in partnership with Slashdot Media, is your
hub for all things parallel software development, from weekly thought
leadership blogs to news, videos, case studies, tutorials and more. Take a
look and join the conversation now. http://goparallel.sourceforge.net/
_______________________________________________
Efw-user mailing list
Efw-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
