Reading SYN cookie code in detail
Every defender should read the SYN cookies implementation in the Linux kernel at least once. It is short, clever, and a perfect example of a real-world cryptographic trick. A walk through the actual code.
Notes from the field
Writing
Long-form thinking on cyber defence, detection, and resilience — from Slackware-era honeypots through to AI-driven SOC analytics.
Showing posts tagged tcp — 2 results.
Reading the kernel network stack
An evening spent reading the actual source code of the Linux kernel's TCP handling. What I expected to find versus what I actually found, and why every networking person should do this once.