In light of the recently published article on Quick Blind TCP Connection Spoofing with SYN Cookies, I wanted to see what operating systems and distributions have Syncookies enabled by default.
|Ubuntu Linux 12.04||net.ipv4.tcp_syncookies||On|
|Debian Linux 6||Off|
|Debian Linux 7||On|
|Solaris 10||Not Implemented||Off|
|OpenBSD 5.3||Not Implemented||Off|
I'm not sure that turning off Syncookies is the best idea, due to the potential DoS effects from disabling them – applications should use something besides IP addresses for authentication.