On Tue, 19 Feb 2002, Bruno Fernandes wrote:
> So the question is: is there any way of making ipf react to a syn-flood
> attack?
ipf doesn't. the kernel does. the kernel keeps a table of connection
requests, like SYNs, and will randomly drop those requests if they aren't
completed and moved out of that table. it's a fair system for such a
situation.
at least this is how i recall it working on openbsd (feeling ill, may not
be giving out the right info).
____________________________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
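
A toy model of the random-drop policy described in the reply above, as an added example that is not part of the original message and not taken from any kernel source. The table size, the key format and the names `SynTable` and `survival_rate` are assumptions; the model only shows why random drop is fair: a real client whose SYN shares a full table of size K with n flood SYNs still completes with probability about (1 - 1/K)^n.

```python
import random

class SynTable:
    """Assumed model: bounded table of half-open connections with random drop."""
    def __init__(self, capacity, rng):
        self.capacity = capacity
        self.rng = rng
        self.pending = []   # keys of half-open connections
        self.index = {}     # key -> position in self.pending

    def _remove(self, pos):
        victim = self.pending[pos]
        last = self.pending.pop()
        if pos < len(self.pending):      # fill the hole with the last entry
            self.pending[pos] = last
            self.index[last] = pos
        del self.index[victim]

    def on_syn(self, key):
        if key in self.index:            # retransmitted SYN, already tracked
            return
        if len(self.pending) >= self.capacity:
            # Table full: evict one uncompleted request chosen at random.
            self._remove(self.rng.randrange(len(self.pending)))
        self.index[key] = len(self.pending)
        self.pending.append(key)

    def on_ack(self, key):
        """Handshake completed: move the entry out. False if it was dropped."""
        pos = self.index.get(key)
        if pos is None:
            return False
        self._remove(pos)
        return True

def survival_rate(capacity, flood_syns, trials=2000, seed=1):
    """Fraction of trials in which one real client completes its handshake
    while flood_syns spoofed SYNs arrive between its SYN and its ACK."""
    rng = random.Random(seed)
    completed = 0
    for _ in range(trials):
        table = SynTable(capacity, rng)
        for i in range(capacity):        # constructed input: table already full
            table.on_syn(("spoofed", i))
        table.on_syn(("client", 0))
        for i in range(flood_syns):
            table.on_syn(("spoofed", capacity + i))
        completed += table.on_ack(("client", 0))
    return completed / trials
```

Comparing `survival_rate(64, n)` for growing `n` against `(1 - 1/64) ** n` shows how the table size sets the flood rate a listener can absorb before legitimate handshakes start failing.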