Re: SYN FloodingFrom: Ben Okopnik (email@example.com)
- Previous message: Frenzy: ""Self defense" Attack scripts"
- In reply to: Mark O'Brien: "Re: SYN Flooding"
- Next in thread: gminick: "Re: SYN Flooding"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 12 Aug 2001 23:17:20 -0400 From: Ben Okopnik <firstname.lastname@example.org> To: email@example.com Subject: Re: SYN Flooding Message-ID: <20010812231719.B950@pocketmail.com>
On Thu, Aug 09, 2001 at 11:28:13AM -0700, Mark O'Brien wrote:
> If your Linux Kernel supports it you can turn on TCP Syncookies like this:
> # Like floodguard on a PIX
> echo -n "Enabling TCP Syncookies (floodguard)..."
> echo 1 >/proc/sys/net/ipv4/tcp_syncookies
> echo "done."
> I do this in my firewall startup scripts.
Do realize, however, that your kernel has to be compiled with
"CONFIG_SYN_COOKIES" turned on; it's off by default.
We are just tenants on this world. We have just been given a new
lease, and a warning from the landlord. -- Arthur C. Clarke (2010)