Re: syn flood attacked?
Hello "Mark Lanett" <mlanett@parrotchat.net>,
Any other options available in /etc/network/options?
And, is it possible to restrict the max. number of cuncurrent SYN_RECV
packet in the system or max. burst number in a limited time? Any
examples?
On Fri, 17 May 2002 14:55:05 -0700
"Mark Lanett" <mlanett@parrotchat.net> wrote:
> /etc/init.d/networking takes care of it but the option is set by default to
> "no" in /etc/network/options
>
> ~mark
>
> ----- Original Message -----
> From: "Greg Hunt" <greg@supplyedge.com>
> To: <debian-security@lists.debian.org>
> Sent: Friday, May 17, 2002 12:46 PM
> Subject: Re: syn flood attacked?
>
>
> > echo 1 > /proc/sys/net/ipv4/tcp_syncookies
> > to turn on syn cookie support once it's compiled into the kernel.
> >
> > > In this case you are probably a target of a SYN Flood atack.
> > > What you have to do is to compile your kernel with option with
> > > protect_against_synflood (or something like this, but for sure in
> network
> > > submenu). Make sure to read the help for this option because compiling
> it into
> > > kernel isn't enough... (you have to issue a command
> > > echo 1 > /don't/remember/where ;) )
> >
> > --
> > ------SupplyEdge-------
> > Greg Hunt
> > 800-733-3380 x 107
> > greg@supplyedge.com
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact
> listmaster@lists.debian.org
> >
> >
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
--
Patrick Hsieh <pahud@pahud.net>
GPG public key http://pahud.net/pubkeys/pahudatpahud.gpg
--
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: