Re: syn flood attacked?

To: debian-security@lists.debian.org
Subject: Re: syn flood attacked?
From: Eric LeBlanc <inouk@toutatis.igt.net>
Date: Fri, 17 May 2002 15:32:11 -0400 (EDT)
Message-id: <[🔎] Pine.LNX.3.96.1020517153004.5080B-100000@toutatis.igt.net>
In-reply-to: <[🔎] 20020517192832.GB568@pn66.sdi.poznan.tpnet.pl>


On Fri, 17 May 2002, Michal Melewski wrote:

> > May 17 23:03:11 ms2 kernel: possible SYN flooding on port 25. Sending cookies.

> > Am I being syn flood attacked? How can I get rid of this?
> Hello
> In this case you are probably a target of a SYN Flood atack.
> What you have to do is to compile your kernel with option with
> protect_against_synflood (or something like this, but for sure in network
> submenu). Make sure to read the help for this option because compiling it into
> kernel isn't enough... (you have to issue a command 
> echo 1 > /don't/remember/where ;) )

It is activated... it's called cookies, as show above.  For more
informations, read this documentation:

http://cr.yp.to/syncookies.html

Eric


-- 
To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Re: syn flood attacked?
  - From: Michal Melewski <mike@carstein.c.pl>

Prev by Date: Re: syn flood attacked?
Next by Date: Re: syn flood attacked?
Previous by thread: Re: syn flood attacked?
Next by thread: Re: syn flood attacked?
Index(es):
- Date
- Thread