Re: [tor-relays] How to protect yourself from network scanning

2012-08-01 Thread Administrator
An easy way is to limit the amount of TCP connections at the same time on an edge router. This is usually done to get rid of script kiddies which try to break into ssh by trying every possible password for root. If TCP init is however rate limited then it's like a slow connection for opening

Re: [tor-relays] How to protect yourself from network scanning

2012-07-31 Thread grarpamp
> I've thought about constructing iptables rules to limit the number of SYN packets for the same host per second or such

Multiple flows to the same host don't really bother routers of any class. Old routers choke when looking up many hosts in the routing table. So your proposed rules against

Re: [tor-relays] How to protect yourself from network scanning

2012-07-31 Thread Nicolas Braud-Santoni
2012/7/31 grarpamp grarp...@gmail.com:
>> I've thought about constructing iptables rules to limit the number of SYN packets for the same host per second or such
>
> Multiple flows to the same host don't really bother routers of any class. Old routers choke when looking up many hosts in the routing