about syncookies firewall?

["SB CH" <chulmin2 () hotmail com>]

Hello, all.

I have read some documents about the "syncookies firewall."
and the URL is like below.

http://web.archive.org/web/20020202205255/www.bronzesoft.org/projects/scfw/

I have read that documents and I think that the theory of the syncookies 
firewall is alike tcp-intercept mode of the cisco router, right?

anyone who used this syncookies firewall at your linux box?
is there any cpu or memory leak?
and, is it possible at linux kernel 2.4?

I saw some commercial firewall use this function.

and I would like to know real time dynamic backlog queue size of the system 
when synflooding attack.
Surely, it doesn't mean the fixed value of the tcp_max_syn_backlog. 
I couldn't find any solution or command about this. 

any idea?


Thanks in advance.

_________________________________________________________________
책상위에 다리 올리고 느긋하게 즐긴다... MSN 온라인 상영관   
http://vod.msn.co.kr  


---------------------------------------------------------------------------
Thinking About Security Training? You Can't Afford Not To!

Vigilar's industry leading curriculum includes:  Security +, Check Point, 
Hacking & Assessment, Cisco Security, Wireless Security & more! Register Now!
--UP TO 30% off classes in select cities-- 
http://www.securityfocus.com/Vigilar-security-basics
----------------------------------------------------------------------------