From owner-freebsd-security Fri Dec 1 12:33: 0 2000 Delivered-To: freebsd-security@freebsd.org Received: from joe.pythonvideo.com (joe.pythonvideo.com [209.226.29.94]) by hub.freebsd.org (Postfix) with ESMTP id E123137B400 for ; Fri, 1 Dec 2000 12:32:53 -0800 (PST) Received: from localhost (joe@localhost) by joe.pythonvideo.com (8.11.1/8.11.0) with ESMTP id eB1KWm400569; Fri, 1 Dec 2000 15:32:48 -0500 (EST) (envelope-from joe@advancewebhosting.com) X-Authentication-Warning: joe.pythonvideo.com: joe owned process doing -bs Date: Fri, 1 Dec 2000 15:32:48 -0500 (EST) From: Joe Oliveiro X-Sender: joe@joe.pythonvideo.com To: Umesh Krishnaswamy Cc: freebsd-security@FreeBSD.ORG Subject: Re: Defeating SYN flood attacks In-Reply-To: <3A27F625.4C87CC7C@juniper.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org check your /etc/defaults/rc.conf file for protection against synfloods. FreeBSD - The BEST upgrade you can do to NT! On Fri, 1 Dec 2000, Umesh Krishnaswamy wrote: > Hi Folks, > > I wanted to double-check which version of FreeBSD (if any) can address a > SYN flooding DoS attack. The latest FreeBSD sources (tcp_input.c and > ip_input.c) do not seem to have any code to address such an attack. Maybe I am > missing something. > > So if you folks can enlighten me on whether or how to handle the SYN attack from > within the kernel, I would appreciate it. I am aware of ingress filtering; while > that can help attacks from randomized IP addresses, it will fail in the case of > an attack from a spoofed trusted IP address. Hence the desire to look into the > kernel for a fix. > > Thanks. > Umesh. > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message