Oskar Andreasson wrote: >However, I notice one _big_ if in the page you are referring to, which by >the way is quite old (dated circa 1996). > I have a distinct feeling that many IP based protocols don't change a lot within these types of timespans. Look at how long IPv6 is taking to deploy. >"4. TCP options such as RFC1323, SACK and T/TCP options cannot be used." > >Nowhere does the documents explain how these problems can be solved (I >haven't read the whole document yet, so I may burst out prematurely... but >I wanted to respond to your questions:)). > I would assume that those options use bits in the packet header that SYN cookies also use and therefore make unpredictable. I'm not sure either though. FWIW, I've run all my machines 2.2.x and up with SYN cookies turned on with no (known) ill effects; PCs and servers alike. -- Michael T. Babcock C.T.O., FibreSpeed Ltd. http://www.fibrespeed.net/~mbabcock _______________________________________________ LARTC mailing list / LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/