> The best defense is to stop it at the source.
Translation: To survive an attack from a well-connected opponent youQuote:> End systems can also provide a last line of defense by
> accommodating a much larger number of incoming SYN packets
only need to sacrifice one or two hundred megabytes of memory.
Translation: While you're under attack, you can't talk to Australia.Quote:> and appropriately replacing those half-open connections that
> have been sitting in the listen queue.
Why doesn't HP implement SYN cookies? SYN cookies eliminate the problem,
without dropping connections and without wasting memory.
Let your users manage their own mailing lists. http://pobox.com/~djb/qmail.html