| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 21 Oct 2009 12:10:44 +0200 From: Olaf van der Spek <olafvdspek@...il.com> To: William Allen Simpson <william.allen.simpson@...il.com> Cc: netdev@...r.kernel.org Subject: Re: Enable syn cookies by default On Wed, Oct 21, 2009 at 11:16 AM, William Allen Simpson <william.allen.simpson@...il.com> wrote: > Keep in mind that I'm busy trying to replace syncookies with real cookies, > so I'm biased. The syncookies interfere with new options; although in > Linux, they interfere less than other systems. How and when do they interfere? If syn cookies are enabled and the queue isn't full, they're not used so they don't interfere. If the queue is full, they do interfere, but the alternative would be no connection at all. So I really don't see the disadvantage of enabling cookies by default. > As Ubuntu is debian based, perhaps they can back-port the Ubuntu changes? Actually changing the value isn't the problem, but the Debian maintainer isn't sure it's a good idea (but he doesn't know why). Olaf -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists