>"...option causes the system to violate the TCP standard..." I do not think this is the case. If you check RFC4732 they list this as a possible way to help against DoS attacks.
I also believe that window scaling is not affected, but large windows are. But accepting legit traffic without large windows is better than dropping the connections. So if the implementation is an adaptive one that only use SYN cookies when under huge load, then I am all for this. At least in the server edition. -- proc/sys/net/ipv4/tcp_syncookies=1 should be seriously considered to permit SYN flood defense... https://bugs.launchpad.net/bugs/57091 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
