My solution on the application-side was to implement the backlog-ability (TCP_LISTEN_BACKLOG) of LwIP, with a few additional macros based on tcp_accepted().
It solved my own issues with outgoing connections failing to work (when out of PCBs). So now my application is able to "tell me" that something odd is going on, even when flooded with numerous connections.

I haven't done "SYN flood" attacks though, only "normal connections" flood attempts. As soon as I have time for this, I'll check with nmap and see how it crashes (and how much time it takes to come back on, if it ever does).

- Reggie.

Piero 74 wrote:
>
> So, now I know that lwip can manage a SYN flood attack, using half open
> state timeout. People who test my board with SYN flood attack generator,
> said that they waited for 15 minutes, but board didn't accept new
> connections.
>
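Added example, not part of the original message and not lwIP's or the poster's code: a small stand-alone C model of the accounting a listen backlog provides, showing why a connection flood stops starving outgoing connections of PCBs once the listener is capped. All names (`POOL_SIZE`, `on_syn`, `app_accepted`, `backlog_full`, `connect_out`) are hypothetical, and the model assumes the application holds back its acknowledgement (the role `tcp_accepted()` plays) while it is busy.

```c
#include <stdio.h>

/* Constructed model, not lwIP source. POOL_SIZE stands in for the PCB pool. */
#define POOL_SIZE 8

struct listener { int backlog; int accepts_pending; };  /* backlog 0 = no limit */
static int pcbs_free = POOL_SIZE;

void model_reset(void) { pcbs_free = POOL_SIZE; }

/* Incoming SYN: refused when the backlog is full or the pool is empty. */
int on_syn(struct listener *l) {
    if (l->backlog > 0 && l->accepts_pending >= l->backlog) return 0;
    if (pcbs_free == 0) return 0;
    pcbs_free--;
    l->accepts_pending++;
    return 1;
}

/* The application acknowledges one connection (the role of tcp_accepted()). */
void app_accepted(struct listener *l) {
    if (l->accepts_pending > 0) l->accepts_pending--;
}

/* Lets the application report that the listener is saturated. */
int backlog_full(const struct listener *l) {
    return l->backlog > 0 && l->accepts_pending >= l->backlog;
}

/* An outgoing connection draws a PCB from the same pool. */
int connect_out(void) {
    if (pcbs_free == 0) return 0;
    pcbs_free--;
    return 1;
}

/* Send `syns` connection attempts with no acknowledgement, then dial out. */
int flood_then_connect(int backlog, int syns) {
    struct listener l = { backlog, 0 };
    model_reset();
    for (int i = 0; i < syns; i++) on_syn(&l);
    return connect_out();
}

int main(void) {
    printf("no backlog: outgoing ok = %d\n", flood_then_connect(0, 100));
    printf("backlog 4:  outgoing ok = %d\n", flood_then_connect(4, 100));
    return 0;
}
```

The model covers only the PCB accounting; it does not model the half-open state timeout mentioned in the quoted message.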
