IPFire 2.29 - Core Update 187 is available for testing
Quoting: www.ipfire.org - IPFire 2.29 - Core Update 187 is available for testing —
Since IPFire is very commonly deployed in data centres where denial-of-service attacks happen on a regular basis, we now have added better protection against those kinds of attacks. Formerly, the system protected itself rather well against (D)DoS attacks, but this was only limited if TCP connections terminated at the firewall itself like for reverse proxies, etc.
Now, IPFire can use TCP SYN cookies to protect infrastructure behind it better against SYN flood attacks. This is especially useful in high-bandwidth scenarios and cloud deployments and can be activated with only one checkbox separately for each firewall rule.