Anything new here?
I think the article you've linked to in sysctl.conf
(http://lwn.net/Articles/277146/) can be seen as encouragement to enable
syncookies, or not?
It already says that they're only activated if the system runs into
trouble, and then it's still better to have "limited connections" (in
the sense that not all features work with syncookies) than none, right?
I think there was even somewhere some coments from Alan Cox which more
or less implied that syncookies are still a good thing (the discussion
was about whether to drop the code at all).