
I agree completely, but neither one is a panacea.
Actually, after the details of Random Drop are worked out, including the proper queue size and the drop algorithm, we will have gone a long way toward protecting servers from TCP SYN attacks. I have the beginnings of Random Drop working now based on Alan->Vernnon->Morris, and have been working on 'how to fire hose' the interface and make it work, with kernel print statements in every junction and reboot after reboot after kernel build, etc. ad you-know-what. The TCP fix and possibly an ICMP fix (and more work on the kernel hackers' part) will, I can safely predict, be the faster short-term solution than trying to coordinate the world into doing filters. Random Drop is not a panacea, as you say, Paul, but it is a very big, big step in the right direction, and I predict that within 30 days, and at the latest 60 days (because people are busy), the SYN attack will be much less 'troublesome'.

Tim