Open lucaderi opened 2 months ago
You can replicate it sniffing traffic generated by tools such as
wget --no-parent -r http://WEBSITE.com/
that can traverse a HTTP server and recursively fetch data
Hi @lucaderi,
To solve this bug we should keep track of half established TCP connections rather than the total number of SYN packets sent/received. I have 3 potential approaches to solve this issue and would love to have some input on which would be preferred:
if a host makes many successful requests/sec they should not be accounted in the SYN flood check