Thread: HELP Under Attack
View Single Post

  #2 (permalink)  
Old 08-24-2004
Jem Berkes
 
Posts: n/a
Default Re: HELP Under Attack
> How do I stop a Dos Syn Attack. My isp has already stopped Upd
> connections from hitting my servers, but I still have 225,000
> connections to my 5 servers from a Syn attack.

Newer inux kernels have a feature that supposed to be able to reduce the
burden of SYNs flooding the TCP/IP stack. Try:

$ echo 1 > /proc/sys/net/ipv4/tcp_syncookies
$ cat /proc/sys/net/ipv4/tcp_syncookies

Should show 1 for enabled.

--
Jem Berkes
http://www.sysdesign.ca/
Reply With Quote