QDB: Quote #309611
About / Latest / Random / Queue / Prefs / Donate / Submit Quote / Search

This quote has been fermenting for 12 years and has been voted on 21 times.
Based on preliminary voting, this quote has a 67.6% chance of being approved.

#309611* (?/21) ⚐Flag
< MadCamel> fyi tcp is the only protocol allowed incoming to the server. this is implemented upstream
< MadCamel> lessens the attack area, keeps those dns reflection ddoses at bay along with other nasties.
< MadCamel> if tcp packets/sec raises above a threshold some statistical analysis kicks in and drops packets that are behaving different from the normal traffic. This happens upstream. On the host
itself there's syncookies followed by an incoming connections/second blacklist..
< MadCamel> so it sheds syn floods then any IP that does complete a full 3-way handshake is limited to X handshakes/minute before it gets added to a temporary blocklist. Kills spoofed synfloods and
botnet based connection floods, anything that erks through
< Mistakes> sexy
< Frostypants> MadCamelot: thanks for explaining
< melkior> Ah. That was an explanation? Thanks for explaining that.
About / Latest / Random / Queue / Prefs / Donate / Submit Quote / Search
14,883 quotes approved; 8,692 fermenting; karma: 189.4805