The TCP/IP protocol layer contains two other configurable settings which can improve the security of your system by preventing so-called SYN attacks.
A SYN attack is a malicious flood of SYN frames which can cause the TCP/IP stack to run out of memory. The defense against this form of attack can be activated or disabled by means of the 'synattack' and 'syncookie' parameters.
As with other IP protocol settings, this is done using the INETCFG command.
Although it can be done manually, the recommended method is to create the
file INETCFG.INI in the directory indicated by the environment variable
ETC, and add the lines:
synattack 1
syncookie 1
Then create or edit the file x:\TCPIP\BIN\B4TCP.CMD (where x is
the letter of the drive or volume on which TCP/IP is installed) and add
the line:
IF EXIST %ETC%\INETCFG.INI CALL inetcfg.exe -set all
(This file will be called automatically by the TCP/IP startup routine.)
Optionally, you can also configure other INETCFG parameters by adding them to INETCFG.INI. For more information about INETCFG and the various other parameters which are available, refer to the TCP/IP Command Reference.
Note: The 'syncookie' option is only available in MPTS V5.5 (WR_8620) and up.