On 3 Aug 2015, at 21:19, Stephen Satchell wrote:
And any half-awake server operator would have turned on SYNCOOKIES a long time ago.
I hate to tell you this, but a) SYN-cookies aren't a perfect response, as servers don't have infinite resources, and b) stateful firewalls go down *all the time* under DDoS attacks. It might be a good idea to search the list archives for more on this phenomenon. There's also information available in the Arbor WISRs; I think the first time we explicitly asked in the survey about stateful devices going down under DDoS was in 2010: [Warning: free registration required, but you can opt-out of email as part of the registration process] <http://www.arbornetworks.com/resources/infrastructure-security-report> ----------------------------------- Roland Dobbins <rdobbins@arbor.net>