From: Ed L Cashin <ecashin@terry.uga.edu>
To: Alan Cox <alan@lxorguk.ukuu.org.uk>
Cc: linux-kernel@vger.kernel.org (Linux kernel)
Subject: Re: test SYN cookies (was Re: SYN cookies security bugfix?)
Date: 11 Nov 2001 00:17:30 -0500
Message-ID: <m3ofm9evit.fsf@terry.uga.edu>
In-Reply-To: <E162giG-0007cI-00@the-village.bc.nu>

Thank you much for the reply.

Alan Cox <alan@lxorguk.ukuu.org.uk> writes:

> > Is there anyone who has any evidence that SYN cookies do anything in
> > kernel 2.2.x?  If so, how did you get that evidence, because I would
> > like to reproduce it.
> 
> They work fine for me in 2.2.19/2.2.20. 

That was reassuring enough that I persisted and found that the problem
was this: my home-spun SYN-flooder wasn't changing the TCP sequence
number, and so the "victim" was discarding the packets.  

The three-second pause I observed previously was a red herring that
went away when I started using separate hosts for flooding and
connection-testing. 

Now I see a night-and-day difference between with and without SYN
cookies (although when tcp_max_syn_backlog is set to more than five
it takes a long time to fill the queue).

Thanks again.

-- 
--Ed Cashin                   PGP public key:
  ecashin@terry.uga.edu       http://www.terry.uga.edu/~ecashin/pgp/

