Hi enyc, I think "tcp_syncookies" is considered as part of the FW mechanism of the kernel. As Dapper (and previous releases) does not provide any FW out of the box, it is normal that tcp_syncookies are not activated by default. Your bug repport should be put as a wish for next release, and maybe linked to bug about the "missing FW" in Ubuntu.
-- proc/sys/net/ipv4/tcp_syncookies=1 should be seriously considered to permit SYN flood defense... https://launchpad.net/bugs/57091 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
