[1] Advanced Options
[2] State Type
You can use these to help guard against DoS attacks.
Yeah, it looks like that would help… but it could be a bit cumbersome if you were trying to make a firewall more resistant to attacks on all ports and destinations. I'd have to think about a good way to handle some sort of global settings.
What I did find helpful was increasing the number of states the firewall could track. I bumped it up from 10k to 40k and then 64k. The higher the setting, the more responsive the firewall itself remained while under attack and with the state tracking table full.
I was watching memory consumption (the ALIX box has 256MB total) and total free memory didn't seem to change much even when tracking 64k connections. In the past I've seen reports of anywhere from 3k to 1k of memory used by each connection tracked. Anyone know if these are still correct?