[clug-talk] Synflood attacks

2013-08-21 Thread Hendrik Schaink
I am getting a lot of probes on my firewall that are internally reported as Blocked Synflood, cleverly crafted to appear as coming from a number of IP addresses onto a select few ports. Assuming the IP addresses are all fake and Shaw does not have any incentive to track down the sources, how would

Re: [clug-talk] Synflood attacks

2013-08-21 Thread John Jardine
Hi Hendrik, If there is no attempt to continue the TCP handshake then you may be getting some kind of DoS attack; if not, I wouldn't assume the IP addresses are faked, otherwise the connection won't work. The scale (number of SYN/second) will tell you if this is real or just an artifact of somethin