Enabling syncookies disables TCP window scaling[1], and in most situations,
existing SYN-flood protections in the kernel already address most sorts of
those attacks.  In some situations (perhaps like what alecm3 was experiencing)
it might be needed, but for a default, I am against[2][3] it if for no other
reason than keeping window scaling working.

[1] http://lkml.org/lkml/2008/2/5/167
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495884
[3] http://launchpadlibrarian.net/16972932/procps_1%3A3.2.7-8ubuntu2_1%3A3.2.7-9ubuntu1.diff.gz

-- 
proc/sys/net/ipv4/tcp_syncookies=1 should be seriously considered to permit SYN 
flood defense...
https://bugs.launchpad.net/bugs/57091