Changes

<b>SYN Flood Protection</b> allows you to protect yourself from attacks that exploit part of the normal TCP three-way handshake to consume resources on the targeted server and render it unresponsive. Essentially, with SYN flood DDOS, the offender sends TCP connection requests faster than the targeted machine can process them, causing network over-saturation.

<b>SYN Flood Protection</b> allows you to protect yourself from attacks that exploit part of the normal TCP three-way handshake to consume resources on the targeted server and render it unresponsive. Essentially, with SYN flood DDOS, the offender sends TCP connection requests faster than the targeted machine can process them, causing network over-saturation.

[[File:Networking_rutos_manual_firewall_attack_prevention_syn_flood_protection.png|border|class=tlt-border]]

[[File:Networking_rutos_manual_firewall_attack_prevention_syn_flood_protection_v2.png|border|class=tlt-border]]

<table class="nd-mantable">

<table class="nd-mantable">

     <tr>

     <tr>

     <td>TCP SYN cookies</td>

     <td>TCP SYN cookies</td>

         <td>off | on; default: <b>off<b></b></td>

         <td>off | on; default: <b>on</b></td>

         <td>Enables the use of SYN cookies (particular choices of initial TCP sequence numbers by TCP servers)b</td>

         <td>Enables the use of SYN cookies (particular choices of initial TCP sequence numbers by TCP servers)b</td>

     </tr>

     </tr>