Message-ID: <39A7F16F.3E073F17@softweyr.com>
Date: Sat, 26 Aug 2000 10:33:51 -0600
From: Wes Peters
Organization: Softweyr LLC
To: FengYue
Cc: freebsd-hackers@freebsd.org
Subject: Re: SYN flood prevention methods

FengYue wrote:
>
> Hi, I know this is an old topic but I don't seem to find answers
> to my questions in the mailing list archives.
>
> I'm wondering why FreeBSD did not implement the SYN cookies method
> that is currently implemented in Linux? To my best understanding,
> SYN cookie seems to be a better method against SYN flood than
> the random drop method. It seems both OpenBSD and FreeBSD have
> implemented the random drop method. I guess there must be some
> "bad things" about SYN cookies that I don't know about.

A quick search of the net, hackers, and security mail lists turned up
a number of hits for "syn cookie", including several with URL references
to weaknesses in the scheme.

http://www.FreeBSD.org/cgi/search.cgi?words=syn+cookie&max=50&sort=score&source=freebsd-security&source=freebsd-hackers&source=freebsd-net

-- 
"Where am I, and what am I doing in this handbasket?"

Wes Peters                                    Softweyr LLC
wes@softweyr.com                              http://softweyr.com/