[CentOS] New approach syncookies help me
Ibrahim Celikbilek
ibrahimcelikbilek at std.sehir.edu.trTue May 12 12:57:09 UTC 2015
- Previous message: [CentOS] CentOS-announce Digest, Vol 123, Issue 2
- Next message: [CentOS] New approach syncookies help me
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Hello Everyone, I have 2 different suggestions about syn-cookies method which is used to block syn-flood attacks. Syn cookies bitwise image --------------------------------------------- T(5 bits) ---MSS(3 bits)-----H(24 bits) --------------------------------------------- So, 1- T value can be decreased to 2 bit which is already 5 bit.And hash value will be 27 bit. 2-Normally syn-cookies is activated when syn-list is fulled. At this point I suggest a hybrid system.Syn packages and eck packages which received to server will be counted, if the difference is bigger than a reference value syn-cookies will be activated. In other words syn-cookies mechanism will be in automatic control. Now I have two questions; 1-How can I invoke syn-cookies structure into Linux Kernel? 2-How can I know when syn-list is fulled? Thank you everyone, if you have any suggestions please let me know.
- Previous message: [CentOS] CentOS-announce Digest, Vol 123, Issue 2
- Next message: [CentOS] New approach syncookies help me
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list