From: John Coke (jcokeibeam.com)
Date: Tue Jan 29 2002 - 23:47:06 CST
I am deploying boxes into unfriendly networks and cannot count on firewall
protection. The servers are Linux 2.4 and I have wrapped them tightly in
Netfilter (iptables). The only chink, if you will, is the protection
against SYN flooding. I see 2 solutions and would like the forum's input.
The first is using syncookies and the second is Netfilter's rate limiting.
My impression is that syncookies require more overhead but would not drop
legitimate traffic. OTOH, Netfilter would have less overhead but may drop
legitimate traffic when the threshold is triggered.
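
Added example, not part of the original post: a simplified token-bucket model of a Netfilter `limit` rule applied to SYNs (the iptables man page describes the match as a token bucket filter), run over constructed traffic with and without a flood. The class and function names, the 10/second rate, the burst of 20 and the traffic rates are assumptions chosen for illustration; syncookies are not modelled.

```python
# Added illustration: integer token-bucket model of an iptables-style
# `-m limit --limit 10/second --limit-burst 20` rule applied to TCP SYNs.
# All traffic below is constructed; this is a model, not kernel code.

class SynLimit:
    """Token bucket in milli-tokens with integer millisecond timestamps."""

    def __init__(self, rate_per_sec, burst):
        self.rate = rate_per_sec        # 1 token/s == 1 milli-token/ms
        self.cap = burst * 1000
        self.tokens = self.cap          # bucket starts full
        self.last_ms = 0

    def accept(self, now_ms):
        refill = (now_ms - self.last_ms) * self.rate
        self.tokens = min(self.cap, self.tokens + refill)
        self.last_ms = now_ms
        if self.tokens >= 1000:         # one SYN costs one whole token
            self.tokens -= 1000
            return True
        return False                    # over the limit: SYN is dropped


def simulate(rate, burst, legit_pps, flood_pps, seconds):
    """Return {source: (sent, accepted)} for evenly spaced SYN streams."""
    end_ms = seconds * 1000
    events = []
    if flood_pps:
        step = 1000 // flood_pps
        events += [(t, "flood") for t in range(0, end_ms, step)]
    step = 1000 // legit_pps
    # Legitimate SYNs are offset 50 ms so they do not land on a refill instant.
    events += [(t, "legit") for t in range(50, end_ms, step)]
    events.sort()

    bucket = SynLimit(rate, burst)
    stats = {"legit": [0, 0], "flood": [0, 0]}
    for now_ms, source in events:
        stats[source][0] += 1
        if bucket.accept(now_ms):       # the limiter cannot tell sources apart
            stats[source][1] += 1
    return {k: tuple(v) for k, v in stats.items()}


if __name__ == "__main__":
    print("quiet:", simulate(10, 20, legit_pps=5, flood_pps=0, seconds=10))
    print("flood:", simulate(10, 20, legit_pps=5, flood_pps=1000, seconds=10))
```

The zero acceptance for legitimate SYNs under flood comes from the evenly spaced constructed traffic; the point of the model is that a global limit spends its tokens on whichever SYN arrives first, regardless of source.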