Possible SYN flood

To: debian-user@lists.debian.org
Subject: Possible SYN flood
From: Krzysztof Adamski <kadamski@netsurf.net>
Date: Fri, 13 Feb 1998 23:30:32 -0500 (EST)
Message-id: <[🔎] Pine.LNX.3.96.980213232316.26835A-100000@white.netsurf.net>

Hi, can somebody explain this messages from my log file, the
xxx.xxx.xxx.110 is an alias address to the machine, and there is a web
site on it. The weird thing is that this messages always start at 17:45 EST
Is there anything that can be done on the boarder router to stop this.

Feb  9 17:44:00 brown kernel: Warning: possible SYN flood from 152.163.194.219 on xxx.xxx.xxx.110:80.  Sending cookies
. 
Feb  9 17:44:00 brown kernel: validated probe(152.163.194.219:59561, xxx.xxx.xxx.110:80, -1662666217) 
Feb  9 17:44:02 brown kernel: validated probe(141.225.47.124:1504, xxx.xxx.xxx.110:80, -1095815834) 
Feb  9 17:44:02 brown kernel: validated probe(207.115.33.121:1095, xxx.xxx.xxx.110:80, 475122559) 
Feb  9 17:44:09 brown kernel: validated probe(167.142.17.159:2915, xxx.xxx.xxx.110:80, 1292039757) 
Feb  9 17:44:17 brown kernel: validated probe(206.171.250.10:1176, xxx.xxx.xxx.110:80, 1122366280) 
Feb  9 17:44:26 brown kernel: validated probe(194.74.254.61:1676, xxx.xxx.xxx.110:80, 902713201) 
Feb  9 17:44:34 brown kernel: validated probe(198.163.126.160:1330, xxx.xxx.xxx.110:80, -1546263976) 
Feb  9 17:44:42 brown kernel: validated probe(152.163.195.242:3985, xxx.xxx.xxx.110:80, -94140596) 
Feb  9 17:44:46 brown kernel: validated probe(152.163.195.240:36305, xxx.xxx.xxx.110:80, 1823194271) 
Feb  9 17:44:57 brown kernel: validated probe(152.163.195.89:47919, xxx.xxx.xxx.110:80, -329957286) 
Feb  9 17:45:01 brown kernel: Warning: possible SYN flood from 206.251.87.100 on xxx.xxx.xxx.110:80.  Sending cookies.
 
Feb  9 17:45:01 brown kernel: validated probe(206.251.87.100:1209, xxx.xxx.xxx.110:80, -1815313807) 
Feb  9 17:45:08 brown kernel: validated probe(198.150.173.48:4425, xxx.xxx.xxx.110:80, 1116936921) 
Feb  9 17:45:24 brown kernel: validated probe(194.95.223.100:1481, xxx.xxx.xxx.110:80, -213073648) 
Feb  9 17:45:24 brown kernel: validated probe(129.187.13.89:8718, xxx.xxx.xxx.110:80, -1219587515) 
Feb  9 17:45:39 brown kernel: validated probe(208.210.71.128:1268, xxx.xxx.xxx.110:80, -782135885) 
Feb  9 17:45:42 brown kernel: validated probe(40.33.1.12:57740, xxx.xxx.xxx.110:80, -272567534) 
Feb  9 17:45:43 brown kernel: validated probe(32.96.60.208:2156, xxx.xxx.xxx.110:80, -2075912066) 
Feb  9 17:45:47 brown kernel: validated probe(196.7.191.18:3851, xxx.xxx.xxx.110:80, 1120599406) 
Feb  9 17:45:54 brown kernel: validated probe(38.176.239.9:1251, xxx.xxx.xxx.110:80, -920238982) 
Feb  9 17:45:54 brown kernel: validated probe(206.50.127.143:1085, xxx.xxx.xxx.110:80, 919765144) 
Feb  9 17:45:56 brown kernel: validated probe(206.206.120.114:1211, xxx.xxx.xxx.110:80, -1997225313) 
Feb  9 17:45:58 brown kernel: validated probe(152.163.195.104:16976, xxx.xxx.xxx.110:80, 754471455) 
Feb  9 17:45:58 brown kernel: validated probe(153.34.23.24:1806, xxx.xxx.xxx.110:80, -454878956) 
Feb 13 22:43:18 brown kernel: Warning: possible SYN flood from 12.67.69.166 on xxx.xxx.xxx.110:80.  Sending cookies. 
Feb 13 22:43:19 brown kernel: validated probe(12.67.69.166:1264, xxx.xxx.xxx.110:80, -826865809) 
Feb 13 22:43:33 brown kernel: validated probe(202.161.228.2:3173, xxx.xxx.xxx.110:80, -991330776) 
Feb 13 22:43:53 brown kernel: validated probe(209.94.100.120:1909, xxx.xxx.xxx.110:80, 1695798083) 
Feb 13 22:43:58 brown kernel: validated probe(141.142.121.5:2345, xxx.xxx.xxx.110:80, 1197210643) 
Feb 13 22:43:58 brown kernel: validated probe(192.52.106.30:2972, xxx.xxx.xxx.110:80, 1765572269) 
Feb 13 22:44:38 brown kernel: Warning: possible SYN flood from 152.163.204.6 on xxx.xxx.xxx.110:80.  Sending cookies. 
Feb 13 22:44:38 brown kernel: validated probe(152.163.204.6:12373, xxx.xxx.xxx.110:80, -1511816429) 
Feb 13 22:44:58 brown kernel: validated probe(205.152.121.23:2412, xxx.xxx.xxx.110:80, -1978314132) 
Feb 13 22:45:03 brown kernel: validated probe(152.163.197.36:25867, xxx.xxx.xxx.110:80, 278637994) 
Feb 13 22:45:13 brown kernel: validated probe(208.192.148.226:1047, xxx.xxx.xxx.110:80, -245737043) 
Feb 13 22:45:16 brown kernel: validated probe(152.163.201.7:39418, xxx.xxx.xxx.110:80, -1382976980) 






--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Prev by Date: isdnutils error : I USE HAMM
Next by Date: Re: BASH question
Previous by thread: isdnutils error : I USE HAMM
Next by thread: More .pdf IRS forms printing problems
Index(es):
- Date
- Thread