[ECOS] BSD TCP/IP Stack & SYN Flooding

Rene Nielsen rbn@vitesse.com
Mon May 25 08:15:00 GMT 2009

Hi folks,
I have a question regarding TCP SYN Flooding attacks.

To my understanding these attacks come in two flavors:
1) The attacker sends SYN packets only, leaving the connection
2) The attacker sends SYN packets and ACKs the SYN-ACK from the server,
effectively opening the connection (this is probably not a real SYN
flood attack, but nevertheless it takes server-side resources...).

Are there any remedies in the eCos' BSD TCP/IP stack to overcome such
attacks (e.g. SYN cache/cookies as suggested by RFC4987 to remedy attack
type #1, timeouts, etc.)?

Rene Schipp von Branitz Nielsen 
Vitesse Semiconductors

Before posting, please read the FAQ: http://ecos.sourceware.org/fom/ecos
and search the list archive: http://ecos.sourceware.org/ml/ecos-discuss

More information about the Ecos-discuss mailing list