|
|
|
|
|
|
by tyingq
1680 days ago
|
|
|
"to check counters ratio in a background - if it exceeds some value (i.e. 1.5) we will execute user-defined action and reset counters for triggered IP" Interesting approach, though it seems like it should have a "floor/minimum" count first. Otherwise, 2 syns, 1 syn-ack is 2:1. Fairly easy to trigger accidentally with bad timing. |
|
|