Hello "Mark Lanett" <[EMAIL PROTECTED]>, Any other options available in /etc/network/options?
And, is it possible to restrict the max. number of cuncurrent SYN_RECV packet in the system or max. burst number in a limited time? Any examples? On Fri, 17 May 2002 14:55:05 -0700 "Mark Lanett" <[EMAIL PROTECTED]> wrote: > /etc/init.d/networking takes care of it but the option is set by default to > "no" in /etc/network/options > > ~mark > > ----- Original Message ----- > From: "Greg Hunt" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Friday, May 17, 2002 12:46 PM > Subject: Re: syn flood attacked? > > > > echo 1 > /proc/sys/net/ipv4/tcp_syncookies > > to turn on syn cookie support once it's compiled into the kernel. > > > > > In this case you are probably a target of a SYN Flood atack. > > > What you have to do is to compile your kernel with option with > > > protect_against_synflood (or something like this, but for sure in > network > > > submenu). Make sure to read the help for this option because compiling > it into > > > kernel isn't enough... (you have to issue a command > > > echo 1 > /don't/remember/where ;) ) > > > > -- > > ------SupplyEdge------- > > Greg Hunt > > 800-733-3380 x 107 > > [EMAIL PROTECTED] > > > > > > -- > > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] > > > > > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- Patrick Hsieh <[EMAIL PROTECTED]> GPG public key http://pahud.net/pubkeys/pahudatpahud.gpg -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]