From owner-freebsd-questions  Sun Jan  9 14:19: 3 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from dozer.skynet.be (dozer.skynet.be [195.238.2.36])
	by hub.freebsd.org (Postfix) with ESMTP
	id 9605F14D3F; Sun,  9 Jan 2000 14:18:58 -0800 (PST)
	(envelope-from blk@skynet.be)
Received: from [195.238.19.252] (dialup252.brussels.skynet.be [195.238.19.252])
	by dozer.skynet.be (8.9.3/odie-relay-v1.0) with ESMTP id XAA09573;
	Sun, 9 Jan 2000 23:18:53 +0100 (MET)
Mime-Version: 1.0
X-Sender: blk@foxbert.skynet.be
Message-Id: <v04220801b49eb51f4dab@[195.238.19.152]>
In-Reply-To: <20000109201829.20220.qmail@web116.yahoomail.com>
References: <20000109201829.20220.qmail@web116.yahoomail.com>
Date: Sun, 9 Jan 2000 23:03:20 +0100
To: Holtor <holtor@yahoo.com>, freebsd-questions@FreeBSD.ORG
From: Brad Knowles <blk@skynet.be>
Subject: Re: Kernel Option: TCP_DROP_SYNFIN
Cc: freebsd-stable@FreeBSD.ORG
Content-Type: text/plain; charset="us-ascii" ; format="flowed"
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

At 12:18 PM -0800 2000/1/9, Holtor wrote:

>  Would this help stop SYN floods from breaking my
>  freebsd computer? if anyones tried it, please speak
>  up with any results or how it works. Thanks!

	I've used it and haven't seen it do any harm to the systems I was 
using it on, although I can't speak for how well it might have helped 
them survive a SYN flood.  Unless you're using TTCP (TCP for 
Transactions), you should probably be safe in enabling it.

-- 
   These are my opinions -- not to be taken as official Skynet policy
  ____________________________________________________________________
|o| Brad Knowles, <blk@skynet.be>            Belgacom Skynet NV/SA |o|
|o| Systems Architect, News & FTP Admin      Rue Col. Bourg, 124   |o|
|o| Phone/Fax: +32-2-706.11.11/12.49         B-1140 Brussels       |o|
|o| http://www.skynet.be                     Belgium               |o|
\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/
  Unix is like a wigwam -- no Gates, no Windows, and an Apache inside.
   Unix is very user-friendly.  It's just picky who its friends are.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message