HoundDawg wrote:
Sorry, but I still fail to see how they should be related. You said UA was attacked by a (classical, I assume) SYN flood attack. This type of DoS attack is based on using up the victims resources. This can be countered by discarding SYN packets in a firewall.Actually, no. They are totally related. The only difference between the two is merely the ports really or a slightly different technique, which can easily be scripted.
The DDoS attck making use of game servers to attack a victim is a bandwidth flood. You can't do anything against that on the victim machine, the bottleneck is further up the network. The *pipe* to the victim will already be overloaded.
How are these related?
In a general sense, a netfilter will cause the OS to do something with the TCP packets, too: the filtering. But I would agree that it probably causes less load than in the case of syn cookies where the cookie is generated and sent back.Windows 2000 and XP also have similar settings as well. But, that basically only deals with a low number of SYN connections and only adds wait-time to the connections. It still causes the OS to do something with the packets. The netfilter will do the blocking before syncookies is needed.
Yes, in a perfect world this would happen. But, apparently, not even Time Warner does this. O_o
I'm not even sure that every router can do that. :(
Florian. -- Want to produce professional emails and Usenet postings? http://www.netmeister.org/news/learn2quote.html _______________________________________________ hlds_apps mailing list [EMAIL PROTECTED] http://list.valvesoftware.com/mailman/listinfo/hlds_apps
