One consideration is that with DOS attacks the attacker is trying to make the receiving end do as much work as possible for as little cost to the attacker as possible. So with this implementation he'd use an odd combination of option flags to make your server burn as much bandwidth as possible. More than he is using in sending out SYN packets. You can't really put more data in your ACK than he is putting in his SYN or you will lose. Good security requires careful thought :-)
Copyright © 2018, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds