SYN cookies are disabled by default in Ubuntu for the same reason they
are disabled by default in the kernel. According to the kernel
documentation, use of this option causes the system to violate the TCP
standard, and so is only intended to be used to mitigate an attack in
progress.
** Changed in: procps (Ubuntu)
Sourcepackagename: procps => None
Status: Unconfirmed => Rejected
--
proc/sys/net/ipv4/tcp_syncookies=1 should be seriously considered to permit SYN
flood defense...
https://launchpad.net/bugs/57091
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
