For me syncookies is the same problem as FW is. As you said, as long as you don't start a network service, your computer is safe. If you start a SSH server or whatever, you have to protect your system from DoS or other attacks...
(By the way, if your server is reachable from the internet, as soon as you open a network service, you will need some iptables rules to filter some attacks, as ssh scans for example.) -- proc/sys/net/ipv4/tcp_syncookies=1 should be seriously considered to permit SYN flood defense... https://launchpad.net/bugs/57091 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
