-=> Note:
Copied (from: bit.listserv.novell) by Scott Parks using timEd.
From: Joe Doupnik
Subject: Re: TCPIP messages
> I've been getting the following message on my console screen
>and can't find any info about it.
>
>TCPIP-4.0-235: Number of connections in SYN-RECIEVED state on port 25
>has exceeded the maximum (5) allowed by the application. This could
>be due to a possible SYN Attack.TCPIP is trying to Compensate by
>deleting all half-open connections.
>
>What's a SYN attack?
>
>system info:
>Netware 4.11 service pack 4a, LIBUPE, latest TCPIPO nlm
>David Seuferer, CNE
>Ames Laboratory
>(515) 294-6053
>fax: (515) 294-5638
>seuferer@ameslab.gov
-----------
Best to talk with your IP router people now and get the attack
blocked as it enters the site. SYN is TCP start of data stream, and the
SYN attack is to continually open such connections and never respond to
the local side's complement to the open. Thus the target system crashes from
overallocation of buffer resources. Port 25 is SMTP mail. This is an old
adolescent game. Block at your site's router. Thank Novell for their software
trying to survive the attack automatically.
Joe D.
--- GEcho 1.11+
---------------
* Origin: helix.uucp =FidoNet/Internet= Seattle 206.783.6368 (1:343/70)
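
Added example, not part of the original messages: the per-port check the console message describes, redone for a current host by counting half-open (SYN-RECV) sockets per local port. The limit of 5 comes from the quoted message; the function names and the `ss -tan`-style sample lines are constructed assumptions.

```python
from collections import Counter, defaultdict

SYN_LIMIT = 5  # per-port limit quoted in the console message

# Constructed sample in the layout of `ss -tan` output (documentation addresses).
SAMPLE = "\n".join(
    ["State     Recv-Q Send-Q Local Address:Port  Peer Address:Port",
     "LISTEN    0      128    0.0.0.0:25          0.0.0.0:*",
     "ESTAB     0      0      192.0.2.10:22       203.0.113.5:51234"]
    + [f"SYN-RECV  0      0      192.0.2.10:25       198.51.100.{i}:{40000 + i}"
       for i in range(1, 8)]
    + ["SYN-RECV  0      0      192.0.2.10:80       203.0.113.9:50111",
       "SYN-RECV  0      0      [2001:db8::10]:80   [2001:db8::99]:50112"]
)


def half_open_by_port(ss_output):
    """Return {local_port: Counter(peer_ip)} for sockets in SYN-RECV."""
    ports = defaultdict(Counter)
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "SYN-RECV":
            continue  # header, other states, or a truncated line
        port = fields[3].rsplit(":", 1)[-1]
        if not port.isdigit():
            continue
        # rsplit keeps IPv6 literals such as [2001:db8::99]:50112 intact
        peer_ip = fields[4].rsplit(":", 1)[0].strip("[]")
        ports[int(port)][peer_ip] += 1
    return ports


def ports_over_limit(ss_output, limit=SYN_LIMIT):
    """List (port, half_open_count, distinct_peers) for ports above limit."""
    flagged = []
    for port, peers in sorted(half_open_by_port(ss_output).items()):
        total = sum(peers.values())
        if total > limit:
            # distinct peers separates one stuck client from many sources
            flagged.append((port, total, len(peers)))
    return flagged


if __name__ == "__main__":
    for port, total, peers in ports_over_limit(SAMPLE):
        print(f"port {port}: {total} half-open from {peers} peers (limit {SYN_LIMIT})")
```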