SYN cookies

RU: SYN-куки

A defense against SYN-flood attacks (RFC 4987) in which the server encodes connection state into the SYN-ACK sequence number instead of allocating a backlog entry. When the client returns ACK, the server recomputes the cookie from the sequence number to verify the connection and recreate state. The tradeoff is that TCP options (window scaling, timestamps) cannot be stored in the cookie and are lost for those connections.