Hi all, I have just one question related to preventing DoS attack using iptables. I know there is possible limit of receiving packets causef by DoS attacks using --m limit --limit 1/s and on that way pushing firewall to accept just on packet per second. But in some cases the kernel will accept that packets and we can reject theu putting 1 in /proc/sys/net/ipv4# cat tcp_syncookies....According to http://cr.yp.to/syncookies.html where they say that this method is stil experimenting I am asking you what is your experineces related to oreventing DoS attacks this way. Thanks Regards __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
