[e2e] Syn floods

Vernon Schryver vjs at calcite.rhyolite.com
Wed May 16 13:37:18 PDT 2001

> From: "Oleg Vishnepolsky" <oleg at prodigy.net>

> I apologize if this is a trivial question for this community,
> but what is the best way to deal with
> Syn floods ? A) If you are a TCP stack vendor B) If you not.

If you ask Google the question http://www.google.com/search?q=syn+flood,
you'll find about 19,100 answers.  As with most network oracle answers,
some of the answers are bogus, but some good, and if you really understand
the question, it's easy to distinguish good from bogus answers.

You could also `grep -i 'syn flood'` in your private directory of RFC's
and find RFC 2267 and RFC 2827.  You do have copies of all interesting
RFC's for such questions, don't you?  In what should be the unlikely case
that you don't, please see http://www.rfc-editor.org/download.html

Another obvious place to check is http://www.cert.org/  
Typing "syn flood" in the "search" box there quickly produces many
documents, including http://www.cert.org/advisories/CA-1996-21.html

Vernon Schryver    vjs at rhyolite.com

