Mailing List ecs-isp@2rosenthals.com Archived Message #1308 previous message next message back to list

From: "Massimo S." <ecs-isp@2rosenthals.com> Full Headers
Undecoded message
Subject: DDOS attacks and tcp/ip SYNCOOKIE flag
Date: Wed, 4 Feb 2026 13:38:48 +0100
To: eCS ISP Mailing List <ecs-isp@2rosenthals.com>

Hi all,

to mitigate the effects of DDOS attacks (eg. the ones on port 80 and 443) it is
suggested to turn ON syncookie tcp/ip flag.

But i've realized that on eCS and AOS this parameter give a number of issues.

Clients start calling that images on websites do not load correctly or take
a lot of time to render/complete.

While i've also seen that turning ON this flag increase the instability
of the web server VM at the point that the entire OS can completely freeze
(this on eCS and AOS too).

The flag SYNATTACK seems to work properly instead, but SYNCOOKIE i guess
it's very bugged.


massimo
Subscribe: Feed, Digest, Index.
Unsubscribe
Mail to ListMaster