Lyubomir Babukchiev wrote: > Здрасти група !!! > Много странен лог забелязах вчера със закъснение... изглежда като някаква > атака но какво цели ? > : > Apr 7 15:43:50 pc1 kernel: TCP: drop open request from 10.1.2.64/1411 > Apr 7 15:43:50 pc1 kernel: TCP: drop open request from 192.168.159.1/1412 > Apr 7 15:43:50 pc1 kernel: TCP: drop open request from 192.168.220.1/1413 > Apr 7 15:43:55 pc1 kernel: TCP: drop open request from 192.168.159.1/1536 > Apr 7 15:43:55 pc1 kernel: TCP: drop open request from 10.1.2.64/1539 > Apr 7 15:43:55 pc1 kernel: TCP: drop open request from 192.168.159.1/1540 > Apr 7 15:43:55 pc1 kernel: TCP: drop open request from 192.168.220.1/1541 > Apr 7 15:43:58 pc1 kernel: TCP: drop open request from 192.168.220.1/1565 > Apr 7 15:43:58 pc1 kernel: TCP: drop open request from 10.1.2.64/1567 > Apr 7 15:43:58 pc1 kernel: TCP: drop open request from 192.168.159.1/1568 > Apr 7 15:43:58 pc1 kernel: TCP: drop open request from 192.168.220.1/1569 > Apr 7 15:44:01 pc1 kernel: TCP: drop open request from 192.168.220.1/1569 > Apr 7 15:44:07 pc1 kernel: TCP: drop open request from 192.168.159.1/1688 > > 10x in Advance ...
Прилича на syn flood. Активирай си TCP Syncookies. Това става като запишеш 1 в /proc/sys/net/ipv4/tcp_syncookies su -c "echo 1 > /proc/sys/net/ipv4/tcp_syncookies" -- Georgi Chorbadzhiyski http://georgi.unixsol.org/ ============================================================================ A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html ============================================================================
