On Wed, Mar 28, 2001 at 08:10:09PM -0600, Charles Cazabon wrote: [snip] > [as this topic slowly drifts from almost-on-topic to not-even-close...] > > Yes. But even with all the network bandwidth in the world, with syn cookies, > you're not going to be able to create the four billion connections per > second that would be required to even have a shot at it. Syn cookies are not relevant here - syn cookies prevent your TCP state table from filling up with SYN_RECV connections. As long as your sequence numbers are sane, even without syn cookies nobody can fake a 3-way handshake. Greetz, Peter -- Monopoly http://www.dataloss.nl/monopoly.html
