From owner-freebsd-questions Thu Jul 13 16:38:28 2000 Delivered-To: freebsd-questions@freebsd.org Received: from neo.jagox.net (neo.jagox.net [194.217.125.16]) by hub.freebsd.org (Postfix) with ESMTP id B8E2437B63D for ; Thu, 13 Jul 2000 16:38:19 -0700 (PDT) (envelope-from adam@cortina.private.fordys.net) Received: from [62.252.168.85] (helo=cortina.private.fordys.net) by neo.jagox.net with smtp (Exim 3.03 #1) id 13CtWi-0006E5-00 for freebsd-questions@freebsd.org; Fri, 14 Jul 2000 00:40:25 +0000 Received: from adam by cortina.private.fordys.net with local (Exim 3.13 #15) id 13CsYt-0001KJ-00 for freebsd-questions@freebsd.org; Fri, 14 Jul 2000 00:38:35 +0100 Date: Fri, 14 Jul 2000 00:38:35 +0100 From: Adam Ford To: freebsd-questions@freebsd.org Subject: SYN Cookies & DoS attacks. Message-ID: <20000714003835.A5077@cortina.fordys.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.95i Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi there, I admin quite a few FreeBSD machines for a small ISP, unfortunately our IRC server is receiving quite a few annoying DoS attacks lately. My question is - linux appears to have SYN Cookies, which can be enabled, to help prevent SYN flooding. Does FreeBSD have any similar thing that can be enabled? I've spent 2 hours searching the net/freebsd.org/mailing list archives and I can't find nada! :) I found this option to add to the kernel; options TCP_DROP_SYNFIN However I think this just kinda allows the identity of the machine to be hidden (ie, that its a FreeBSD box). Anyone any ideas? Linux I know shouts about SYN cookies quite a lot; they're not enabled by default. But FreeBSD - hrrrm, seems to be not mentioned!! :) Any help greatly appreciated, Thanks, [Please Please CC responses to me privately] -- Adam Ford: adam@cortina.fordys.net "Cum Varie Tum Semper In Stercori" "Dont dream it, be it." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message