[nylug-talk] Help: Under Attack! (SYN flood)
Joachim Stahl
jstahl88 at gmail.com
Sat Nov 3 23:23:42 EDT 2007
> Well if you used google, it would have pointed to the first hit[0].
> [0] http://www.securityfocus.com/infocus/1729
That article says to do three things:
1. echo 1 > /proc/sys/net/ipv4/tcp_syncookies
2. make net.ipv4.tcp_max_syn_backlog bigger
3. make tcp_synack_retries smaller
#1 was already done.
#2 was 1024, I've made it 2048.
#3 was 5 which on Red Hat is 180 seconds according to Google, I've made
it 3 which keeps connections in the backlog queue only for 45 seconds.
We'll see if that fixes it.
Joe
More information about the nylug-talk
mailing list