kernel: possible SYN flooding on port 655. Sending cookies.
ZioPRoTo (Saverio Proto)
zioproto at gmail.com
Wed May 25 20:59:43 CEST 2011
On a Linux Server running tincd I noticed the following log message in
/var/log/messages
kernel: possible SYN flooding on port 655. Sending cookies.
I found this on the web:
If SYN cookies are enabled, then the kernel doesn't track half open
connections at all. Instead it knows from the sequence number in the
following ACK datagram that the ACK very probably follows a SYN and a
SYN-ACK. That way SYN floods are not a problem to it.
So I guess there is nothing to worry about, correct ?
Saverio
More information about the tinc
mailing list