Re: HELP Under Attack

From: Jem Berkes (jb_at_users.pc9.org)
Date: 08/24/04 

Date: 23 Aug 2004 23:02:21 GMT

> How do I stop a Dos Syn Attack. My isp has already stopped Upd
> connections from hitting my servers, but I still have 225,000
> connections to my 5 servers from a Syn attack.

Newer inux kernels have a feature that supposed to be able to reduce the
burden of SYNs flooding the TCP/IP stack. Try:

$ echo 1 > /proc/sys/net/ipv4/tcp_syncookies
$ cat /proc/sys/net/ipv4/tcp_syncookies

Should show 1 for enabled. 

-- 
Jem Berkes
http://www.sysdesign.ca/

Relevant Pages

  • Dos attack
    ... How do I stop a Dos Syn Attack. ... My isp has already stopped Upd connections ... from hitting my servers, but I still have 225,000 connections to my 5 ... servers from a Syn attack. ...
    (comp.os.linux.security)
  • HELP Under Attack
    ... How do I stop a Dos Syn Attack. ... My isp has already stopped Upd connections ... from hitting my servers, but I still have 225,000 connections to my 5 ... servers from a Syn attack. ...
    (comp.os.linux.security)
  • Re: Dos attack
    ... Jim G. wrote: ... > servers from a Syn attack. ... My load balancer is doing well keeping up and I ...
    (comp.os.linux.security)
  • Outbound TCP issue, potentially related to FreeBSD-SA-05:08.kmem [REVISED]
    ... separate FreeBSD machine. ... Outbound TCP connections are randomly failing to connect. ... It only impacts outgoing connections from our web servers - no ... finding that the failures were not port-specific, ...
    (freebsd-net)
  • Re: How to stop two servers in different sites trying to replicate with each other
    ... communicate directly with Site C and vice versa. ... ADSS the DC in Site B keeps setting up one of its replication partners to ... ISTG for intersites connections using BH) ... the ISTG won't use the BH servers between Site C and SiteB to ...
    (microsoft.public.win2000.active_directory)