TCP sinful cookies?
Jeff Mings
jeffm at lava.net
Mon Jun 25 16:09:15 PDT 2001
I've been looking through the various man pages, HOW-TOs, and other
documentation, and haven't been able to figure out what TCP SynCookies
are and what they do. I assume they relate to defeating Syn-based DOS
attacks. I've been using MonMotha's excellent iptables firewall script
(thanks for the tip, Deven) to figure out how to use iptables, and
SynCookies are enabled in the same way that forwarding is turned on in
ipchains or iptables. Script snippet:
# Enable TCP Syncookies
echo -n "Checking IP SynCookies..."
if [ -e /proc/sys/net/ipv4/tcp_syncookies ] ; then
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo "enabled."
else
echo "support not found, but that's OK."
fi
Can anyone give a quick summary of SynCookies?
Thanks,
-Jeff Mings
More information about the LUAU
mailing list