Date: Mon, 28 Aug 2017 23:47:41 -0400
From: Harsha Chenji <cjkernel@...il.com>
To: netdev@...r.kernel.org
Subject: net.ipv4.tcp_max_syn_backlog implementation

So I have Ubuntu 12.04 x32 in a VM with syncookies turned off. I tried
to do a SYN flood (with netwox) on 3 different processes. Each of them
returns a different value with netstat -na | grep -c RECV :

nc -l 5555 returns 16 (netcat-traditional)
apache2 port 80 returns 256
vsftpd on 21 returns 64.

net.ipv4.tcp_max_syn_backlog is 512. Why do these different processes
on different ports have different queue lengths for incomplete
connections? Where exactly in the kernel is this decided?