Am 28.07.2012 20:03, schrieb Mark Alan: >> The solution is to exempt traffic sent from the machine from the rate >> controls. > > In 2012, in a server facing the net and running other services besides > mail, I would not call it a safe bet. In the event (that must be > accounted for) of an intrusion, one should consider that a syn flood > DOS isn't an exclusive of the INPUT stream
if you do not trust you OUTGOING traffic the only valid reason is that you doubt your machine is comprimised in this case shut it down and NO a synflood will never come in the OUTPUT stream except your machine is compromised, but if so shut it down
signature.asc
Description: OpenPGP digital signature