Date: Tue, 19 Sep 2006 21:13:13 -0700 From: "Adam Crews" <adam.crews (at mark) gmail.com> Subject: [coba-e:07103] Re: SYN Floods To: coba-e (at mark) bluequartz.org Message-Id: <1486c6440609192113r2fd4a031g442eae3e946c2b77 (at mark) mail.gmail.com> In-Reply-To: <00b301c6dc65$8641baa0$6400a8c0@YOUR4105E587B6> References: <00a401c6dc5c$7c9e7820$6400a8c0@YOUR4105E587B6> <00b301c6dc65$8641baa0$6400a8c0@YOUR4105E587B6> X-Mail-Count: 07103My system has it available, but disabled by default. Simply try a 'echo 1 > /proc/sys/net/ipv4/tcp_syncookies' and you should be all set. -Adam On 9/19/06, Darrell D. Mobley <dmobley (at mark) uhostme.net> wrote: > > I have blocked three SYN_FLOOD attacks tonight alone. Haven't had the > server overloaded yet, but it could be a long night. > > > ------------------------------ > > *From:* Darrell D. Mobley [mailto:dmobley (at mark) uhostme.net] > *Sent:* Tuesday, September 19, 2006 10:29 PM > *To:* coba-e (at mark) bluequartz.org > *Subject:* [coba-e:07101] SYN Floods > > > > I have come to the conclusion when I get the random message that the web > server is not responding that the server is experiencing a SYN flood. I > have sshdfilter and portsentry running, and I imagine that when a > script-kiddie gets blocked, he gets pissed and unleashes a SYN flood. > > > > Does BlueQuartz have capabilities for tcp_syncookies built into the > kernel? > -- ----------------------------------------------------------------- Shroom.net Donation Based Web Hosting http://www.shroom.net/ -----------------------------------------------------------------7103_2.html (attatchment)(tag is disabled)