Firewall settings - incomplete TCP/UDP sessions - Firewalls

Thread: Firewall settings - incomplete TCP/UDP sessions

  1. Firewall settings - incomplete TCP/UDP sessions

    Hello,

    I've had increasing problems with my h/w firewall over the past weeks
    due to 'syn flood to host (outbound)' problems.
    Turns out my modded version of Firefox triggers the f/w to hysterically
    shut down the connection (flood control).
    (I still don't know why this has only recently become a problem, as
    I've made NO h/w or s/w changes, and have no viruses/spyware.)

    I've basically tried to desensitise the f/w by adjusting:
    'Maximum incomplete TCP/UDP sessions number from same host', (which was
    originally 10) to 50 (max). This seems to work for the moment.

    I don't want to set this too high, leaving my network vulnerable to DoS
    attacks, but I also don't want my surfing restricted by my own
    firewall(!)
    What is the correct (permissible) maximum value I should have this set
    to?


  2. Re: Firewall settings - incomplete TCP/UDP sessions

    Bondi (Class-1) wrote:

    > I've basically tried to desensitise the f/w by adjusting:
    > 'Maximum incomplete TCP/UDP sessions number from same host', (which was
    > originally 10) to 50 (max). This seems to work for the moment.
    >
    > I don't want to set this too high, leaving my network vulnerable to DoS
    > attacks,


    Huh? Now that's technical nonsense. I really fail to see any such DoS
    condition due to allowing as many connections as you want and need, and
    neither do I have any technical reference that anyone ever mentioned such a
    scenario.

    And in fact you'd rather DoS yourself with a too low setting.

    > What is the correct (permissible) maximum value I should have this set
    > to?


    16777215 (2**24-1), the maximum.
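
An added illustration, not part of either post and not the firewall's actual algorithm: a simplified model of a per-host limit on incomplete sessions, showing why a burst of parallel browser connections trips a limit of 10 but not 50. It assumes the setting counts sessions from one source whose handshake has not yet completed; the class and function names, the address and all timings are constructed.

```python
from collections import defaultdict


class IncompleteSessionLimiter:
    """Assumed model: refuse a new session from a host that already has
    `max_incomplete` sessions still waiting for their handshake to finish."""

    def __init__(self, max_incomplete):
        self.max_incomplete = max_incomplete
        # source host -> {connection id: time (ms) at which the handshake completes}
        self.pending = defaultdict(dict)

    def new_session(self, src, conn_id, now_ms, completes_at_ms):
        table = self.pending[src]
        # Sessions whose handshake has completed no longer count as incomplete.
        for cid in [c for c, done in table.items() if done <= now_ms]:
            del table[cid]
        if len(table) >= self.max_incomplete:
            return False  # treated as a flood: the new session is refused
        table[conn_id] = completes_at_ms
        return True


def simulate(limit, events):
    """Replay (src, conn_id, start_ms, handshake_ms) events; return refused count."""
    fw = IncompleteSessionLimiter(limit)
    refused = 0
    for src, conn_id, start_ms, handshake_ms in events:
        if not fw.new_session(src, conn_id, start_ms, start_ms + handshake_ms):
            refused += 1
    return refused


# Constructed traffic from one LAN host (address is a placeholder).
HOST = "192.168.1.10"
# Tuned browser: 30 connections opened 5 ms apart, 200 ms handshake each.
BROWSER_BURST = [(HOST, i, i * 5, 200) for i in range(30)]
# Same 30 connections spread out 50 ms apart.
PACED_LOAD = [(HOST, i, i * 50, 200) for i in range(30)]

if __name__ == "__main__":
    for limit in (10, 50):
        print(f"limit={limit:>2}  burst refused={simulate(limit, BROWSER_BURST):>2}"
              f"  paced refused={simulate(limit, PACED_LOAD)}")
```

In this model the burst loses 20 of its 30 connections at the original limit of 10 and none at 50, while the paced load never exceeds three incomplete sessions at once.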
