I'm not super familiar with Linux's syncookies, but if being used for a reflection attack, you're probably into syncookie territory, and that gets you down to one SYN/ACK per SYN anyway.
I guess if the attacker is sending a low number of SYNs to get the reflection, you could still hit the 5 retries (is that actually 5 SYN/ACKs or the original + 5 retries?). But then again, if it's a low number, does it make a big difference? Maybe, but there are a lot bigger reflection vectors out there.