> Define 'cleanly'. You could do the connect stuff in nonblocking mode then
> switch to blocking mode after one of the sockets is in the connected
But how do you have multiple "accept"s pending?
> decent stateless filters can block fragment attacks; stealth scans really
> cant be detected at the application level, so you are a loser there as
They can't be *detected*, but they can't get through a proxy either, since
the proxy won't accept the SYN/ACK.
The big thing is that when the next silly bugger figures out an IP level
attack, odds are the proxies will block it because they throw all that