On Wed, Jan 15, 2003 at 03:36:28PM +0100, Andre Oppermann wrote:
> In a recent study my diploma students found that out of a dataset of
> 9 million TCP SYN in real life traffic (Sunsite Switzerland, five
> popular newspaper sites) approximatly 5% did not have the MSS option
> set. We did not manage
"Louis A. Mamakos" wrote:
>
> >
> > My goal is to create an ipfw rule that stops normal syn floods by blocking
> > ALL syn packets that have no MSS set.
> >
> > My understanding is that there is no legitimate packet that is a SYN and
> > has no MSS, and further, most of the kiddie tools in existen
>
> My goal is to create an ipfw rule that stops normal syn floods by blocking
> ALL syn packets that have no MSS set.
>
> My understanding is that there is no legitimate packet that is a SYN and
> has no MSS, and further, most of the kiddie tools in existence for syn
> flooding do indeed send sy
