[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Syn flood protection


I'm having problems to secure debian server against syn flood attacks.

Setting /proc/sys/net/ipv4/tcp_syncookies = 1 , didnt solve the problem. I get this in dmesg, and all network traffic sent is lost:

[  561.282950] possible SYN flooding on port 80. Sending cookies.
[  562.869160] dst cache overflow
[  562.873893] dst cache overflow
[  562.878144] dst cache overflow
[  562.881992] dst cache overflow

I've tried to set these parameters from a server protected against this attack (default Ubuntu installations are):

The "dst cache overflow" seems to have stopped, although my network traffic is still being lost.

Any succesfull configurations? Any ideas?

Thanks in advance.


Sergio Roberto Charpinel Jr.

Reply to: