Learn about advanced network security techniques in this conference talk from the Linux Plumbers Conference. Explore the concept of SYN Cookie and its limitations in protecting servers from SYN flood attacks. Discover how SYN Proxy can enhance security at the network edge, and understand its current scalability challenges. Delve into the technical details of what information the kernel encodes into SYN Cookies. Examine a novel stateless SYN Proxy implementation and its accompanying kernel module. Finally, get insights into ongoing efforts to improve the solution through the addition of a new kernel function. This 23-minute presentation offers valuable knowledge for network security professionals and Linux enthusiasts looking to enhance their understanding of advanced TCP/IP protection mechanisms.
Overview
Syllabus
SYN Proxy at Scale with BPF - Kuniyuki Iwashima
Taught by
Linux Plumbers Conference