On Tue, 2003-03-11 at 14:40, Henrik Nordstrom wrote: > > In fact for one of our clients just putting squid in front of their > > servers and enabling syncookies allowed them to operate through a > > synflood attack which until then had crippled their windows servers. > > This is a great advantage to the current model :) > > Which is a very different story from the case of SYN flood protecting in > a transparent proxy with deferred client accepts until the server > connection have been established..
My point was that perhaps it is better to keep syncookies and break end-to-end, after all we can do that today :) -- // Gianni Tedesco (gianni at scaramanga dot co dot uk) lynx --source www.scaramanga.co.uk/gianni-at-ecsc.asc | gpg --import 8646BE7D: 6D9F 2287 870E A2C9 8F60 3A3C 91B5 7669 8646 BE7D
signature.asc
Description: This is a digitally signed message part
