SOME techs about Synflood limit in FreeBSD

SOME techs about Synflood limit in FreeBSD

Post by hoop » Fri, 27 Jun 2003 14:11:58



Origin:
++++++++++++++++++++++++++++++

++++++++++++++++++++++++++++++

How to do in FreeBSD Synfllod limit.
Somebody tell mi that in Linux is iptables -limit,
how to do in BSD system.

Answers:

1.FreeBSD is not vulernable to this type of attack. For instance you can
make use of ICMP_BANDLIM kernel option, syncookie, etc.

In addition you may be interested in tcp and udp blackholes to avoid port
scans, which poses more risk.

                                                           ---by delphij
(make universe...)

2.In freebsd 4.x,it uses syncache+syncookie to defence the Synflood,and an
paper on BSD-Con02
also metioned that way.

                                                           ---by say

All above answers are copied from bbs.tsinghua.edu.cn/FreeBSD board.

Thx.