SynFlood mitigation tool on linux

From: Inas
Subject: SynFlood mitigation tool on linux
Date: Sat, 29 Dec 2007 22:09:35 +0000
Message-ID: <deeb2fcb-dace-48e7-a920-f0a72b382299@j20g2000hsi.googlegroups.com>

Hello All,
Hope you are ok and doing great !
Am Inas from jordan university of science and tech. Could any one help
me !

I have graduation project that has to be implemented on linux(could be
any version).its an implementation for synflood attack mitigation
tool(algorithm that needs to be implemented).

up to now, i dont know how to choose between implementation
choices(patch or daemens).
essentially it may be daemens. but i need to get help about that , how
to get documentation of linux and how to read it , finally how to find
the exact location of the daemen in linux kernel.

plz , help .I hear about somebody who implement firewall on linux.
plz reply sooooooooooooon.

Thx Alot.

Re: SynFlood mitigation tool on linux Barry Margolin
- Re: SynFlood mitigation tool on linux David Golden
- Re: SynFlood mitigation tool on linux ···@telent.net
  - Re: SynFlood mitigation tool on linux Rob Warnock
Re: SynFlood mitigation tool on linux Kaz Kylheku

From: Barry Margolin
Subject: Re: SynFlood mitigation tool on linux
Date: Sun, 30 Dec 2007 01:13:12 +0000
Message-ID: <barmar-B0CEA6.20131229122007@comcast.dca.giganews.com>

In article 
<····································@j20g2000hsi.googlegroups.com>,
 Inas <······@yahoo.com> wrote:

> Hello All,
> Hope you are ok and doing great !
> Am Inas from jordan university of science and tech. Could any one help
> me !
> 
> I have graduation project that has to be implemented on linux(could be
> any version).its an implementation for synflood attack mitigation
> tool(algorithm that needs to be implemented).
> 
> up to now, i dont know how to choose between implementation
> choices(patch or daemens).
> essentially it may be daemens. but i need to get help about that , how
> to get documentation of linux and how to read it , finally how to find
> the exact location of the daemen in linux kernel.
> 
> plz , help .I hear about somebody who implement firewall on linux.
> plz reply sooooooooooooon.
> 
> Thx Alot.

You're planning on using Lisp inside the Linux kernel?  Good luck with 
that!

-- 
Barry Margolin, ······@alum.mit.edu
Arlington, MA
*** PLEASE post questions in newsgroups, not directly to me ***
*** PLEASE don't copy me on replies, I'll read them in the group ***

From: David Golden
Subject: Re: SynFlood mitigation tool on linux
Date: Sun, 30 Dec 2007 16:27:24 +0000
Message-ID: <MFPdj.23961$j7.446936@news.indigo.ie>

Barry Margolin wrote:

> You're planning on using Lisp inside the Linux kernel?  Good luck with
> that!
> 

Well, there is of course William Bland's Schemix, if you don't mind
scheme. Hasn't been updated in a while...
http://abstractnonsense.com/schemix/

From: ···@telent.net
Subject: Re: SynFlood mitigation tool on linux
Date: Mon, 07 Jan 2008 14:37:47 +0000
Message-ID: <4782393b$0$8427$db0fefd9@news.zen.co.uk>

Barry Margolin wrote:
> You're planning on using Lisp inside the Linux kernel?  Good luck with 
> that!

The alternative would be the TUN/TAP devices (unless they were 
deprecated in favour of something else since I last looked) which can be 
used to send network packets to userland applications.

(The networking equivalent of ptys, if you like)

Have a look at http://fresh.homeunix.net/~luke/misc/repo/slitch/ for a 
Lisp app that uses them.

-dan

From: Rob Warnock
Subject: Re: SynFlood mitigation tool on linux
Date: Tue, 08 Jan 2008 10:32:33 +0000
Message-ID: <FLydnRH2tbvczB7anZ2dnUVZ_j-dnZ2d@speakeasy.net>

<···@telent.net> wrote:
+---------------
| Barry Margolin wrote:
| > You're planning on using Lisp inside the Linux kernel?
| > Good luck with that!
| 
| The alternative would be the TUN/TAP devices (unless they were 
| deprecated in favour of something else since I last looked) which can be 
| used to send network packets to userland applications.
| 
| (The networking equivalent of ptys, if you like)
| 
| Have a look at http://fresh.homeunix.net/~luke/misc/repo/slitch/ for a 
| Lisp app that uses them.
+---------------

Ouch! That web server is set up to suppress "README" files in directory
listings, so to figure out what this site is all about one needs to
manually view <http://fresh.homeunix.net/~luke/misc/repo/slitch/README>.

That done, however, it looks pretty fun!  ;-}


-Rob

p.s. While the above uses the Linux TUN/TAP, it looks like it should
be pretty easy to get it to work on FreeBSD's "tun" device, too.

-----
Rob Warnock			<····@rpw3.org>
627 26th Avenue			<URL:http://rpw3.org/>
San Mateo, CA 94403		(650)572-2607

From: Kaz Kylheku
Subject: Re: SynFlood mitigation tool on linux
Date: Tue, 01 Jan 2008 02:50:42 +0000
Message-ID: <a7997b2e-ebe4-488a-981c-92f69222cd1f@e10g2000prf.googlegroups.com>

On Dec 29, 2:09 pm, Inas <······@yahoo.com> wrote:
> Hello All,
> Hope you are ok and doing great !
> Am Inas from jordan university of science and tech. Could any one help
> me !

Yes, here is some help. Do not keep re-posting the same question in
multiple newsgroups. Find the one newsgroup where it is on topic. Or,
at most, say, three newsgroups where it is on topic. Post it only to
those newsgroups. Do not multi-post, but rather cross-post it.

Look, why would you /want/ to go back and monitor all those different
newsgroups to see whether you have replies? It's more work for /you/!

There, you've now been helped.

> I have graduation project that has to be implemented on linux(could be
> any version).its an implementation for synflood attack mitigation
> tool(algorithm that needs to be implemented).

That mitigation is called SYN cookies, and it's  been in your kernel
for years.

When you are configuring your kernel build, if you are confronted with
any question about compiling in SYN cookies, do not say no!

Don't expect graduation out of that, though.

> I hear about somebody who implement firewall on linux.

That's awesome! It means many people don't have to run Windows XP on
their gateway boxes anymore.