Mensaje archivado #1309 de la Lista ecs-isp@2rosenthals.com anterior mensaje siguiente mensaje volver a la lista

De: "Roderick Klein" <ecs-isp@2rosenthals.com> Encabezados Completos
Mensaje no decodificado
Asunto: Re: [eCS-ISP] DDOS attacks and tcp/ip SYNCOOKIE flag
Fecha: Wed, 4 Feb 2026 14:15:22 +0100
Para: eCS ISP Mailing List <ecs-isp@2rosenthals.com>

Op 4-2-2026 om 13:38 schreef Massimo S.:
Hi all,

to mitigate the effects of DDOS attacks (eg. the ones on port 80 and 443) it is
suggested to turn ON syncookie tcp/ip flag.

But i've realized that on eCS and AOS this parameter give a number of issues.

Clients start calling that images on websites do not load correctly or take
a lot of time to render/complete.

While i've also seen that turning ON this flag increase the instability
of the web server VM at the point that the entire OS can completely freeze
(this on eCS and AOS too).

The flag SYNATTACK seems to work properly instead, but SYNCOOKIE i guess
it's very bugged.


When I worked at Mensys with the servers there was indeed one of the attack protection settings that will make your webserver less stable.

And since ArcaOS and eCS run the same version of the TCP/IP stack they are both having the same defect. I think it was syncookie indeed that caused is broken.

Roderick
Suscribirse: Todos, Compendio, Indice.
Desuscribirse
Correo al dueño de la Lista