Date: Fri, 8 Nov 1996 10:01:44 -0800 (PST) From: "Jonathan M. Bresler" <jmb> To: security Subject: urgent! SYN packet flood tolerance in 2.1.5? (fwd) Message-ID: <199611081801.KAA26411@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
Ian Kallen wrote:
>From ian@ns1.gamespot.com Thu Nov 7 14:36:56 1996
Message-Id: <199611071325.NAA25683@gamespot.com>
Comments: Authenticated sender is <ian@mail.gamespot.com>
From: "Ian Kallen" <ian@gamespot.com>
To: jmb@freebsd.org
Date: Thu, 7 Nov 1996 12:39:33 +0000
Subject: urgent! SYN packet flood tolerance in 2.1.5?
Reply-to: ian@gamespot.com
CC: jkh@time.freebsd.org
Priority: normal
X-mailer: Pegasus Mail for Windows (v2.23)
I saw mention of updates to some of the source and headers for
2.2-current that should provide better SYN flood tolerance. Is there
anyway/recipe that you know of to implement these fixes in 2.1.5?
I know that DEC and BSDi and others have been publishing patches and
kernel reconfigs to "harden" their kernels.
One of my machines (ftp.gamespot.com) has been under attack with
floods to port 21, the originating IP address is presently filtered
at the router but that filter is going to have to come down.
Besides, the originator might switch IP addresses soon. Anyway, if
you have any suggestions for getting this patched without going to
the 2.2 branch, I'd really appreciate it.
thanks much in advance
--
Ian Kallen ian@gamespot.com
Director of Technology & Web Administration
http://www.gamespot.com
--
Jonathan M. Bresler FreeBSD Postmaster jmb@FreeBSD.ORG
FreeBSD--4.4BSD Unix for PC clones, source included. http://www.freebsd.org/
PGP 2.6.2 Fingerprint: 31 57 41 56 06 C1 40 13 C5 1C E3 E5 DC 62 0E FB
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199611081801.KAA26411>