New approach syncookies help me

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Hello Everyone,
I have 2 different suggestions about syn-cookies method which is used to
block syn-flood attacks.

Syn cookies bitwise image
 ---------------------------------------------
   T(5 bits) ---MSS(3 bits)-----H(24 bits)
---------------------------------------------
So,
1- T value can be decreased to 2 bit which is already 5 bit.And hash value
will be 27 bit.
2-Normally syn-cookies is activated when syn-list is fulled.
At this point  I suggest a hybrid system.Syn packages and eck packages
which received to server will be counted, if the difference is bigger than
a reference value syn-cookies will be activated.
In other words syn-cookies mechanism will be in automatic control.
Now I have two questions;
1-How can I invoke syn-cookies structure into Linux Kernel?
2-How can I know when syn-list is fulled?

Thank you everyone,
if you have any suggestions please let me know.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux