We are using Checkpoint FW-1 SP2 on a distributed Management/Server
environment on Solaris 2.7 U5s.
We have a server which serves up an open source client which seems to have a
bug. When the server is down, certain clients begin flooding with requests
to connect that basically has the effect of a DOS. There is a normal
timeout associated with the commercial client which shouldn't do this.
I've heard that the SynDefender can mess up legitamite TCP Sessions and
therefore not to use on a regular basis, so I wanted to know if anyone had
ideas of ways to detect and reject connection attempts from one source who
exceed a number/time threshold.
Thanks in advance,
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
