Firewall Wizards mailing list archives

Re: SYN flood protection strategies (Was: Post connection SYN)

From: Paul Robertson <proberts () patriot net>
Date: Fri, 17 Oct 2003 13:19:01 -0400 (EDT)

On Fri, 17 Oct 2003, Chuck Swiger wrote:

  Handling SYN floods at the firewall lets you conserve internal LAN 
bandwidth even if your Internet pipe(s) are still going to suffer.


That would imply that you're letting external traffic hit your internal 
LAN, instead of servers on the DMZ.  I figured that particular lesson was 
learned a good decade ago?

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."
probertson () trusecure com Director of Risk Assessment TruSecure Corporation

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

Post connection SYN Raghuveer (Oct 17)
- Re: Post connection SYN Mikael Olsson (Oct 17)
- Re: Post connection SYN Paul Robertson (Oct 17)
  - Re: Post connection SYN Mikael Olsson (Oct 17)
    - Re: Post connection SYN Paul Robertson (Oct 17)
    - Re: SYN flood protection strategies (Was: Post connection SYN) Mikael Olsson (Oct 17)
    - Re: SYN flood protection strategies (Was: Post connection SYN) Paul Robertson (Oct 17)
    - Re: SYN flood protection strategies (Was: Post connectionSYN) Mikael Olsson (Oct 17)
    - Re: SYN flood protection strategies (Was: Post connection SYN) Chuck Swiger (Oct 17)
    - Re: SYN flood protection strategies (Was: Post connection SYN) Paul Robertson (Oct 17)
    - Re: SYN flood protection strategies (Was: Post connection SYN) Chuck Swiger (Oct 17)
  - Re: Post connection SYN Raghuveer (Oct 17)
- Re: Post connection SYN Ravi Kumar (Oct 20)