Are there any updates on this issue? I don't see any counter arguments to the fact syn cookies only take effect after the queue is full. Ideally this would be changed upstream, maybe an Ubuntu kernel dev could contact upstream about this?
-- proc/sys/net/ipv4/tcp_syncookies=1 should be seriously considered to permit SYN flood defense... https://bugs.launchpad.net/bugs/57091 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs