It is also important to remember that the SYN attack is only one in a class
of one-way denial-of-service attacks. While hardening the servers on the
net against this kind of attack is important (and is the province of the
server/OS vendors, not the router or firewall vendors), the most effective
way to end a denial of service attack is to trace it to its source, and
terminate it there.
And terminate the perpetrator. ,-)
It is time for a Best Common Practice document.
Erik Fair
Erik, I volunteer to co-author. Please contact me if you are interseted
in getting this document put together RSN.
- paul