[EMAIL PROTECTED] wrote:
Hi all,
I can see a message on my log files "possible SYN flooding on port 8080.
Sending cookies." not on access.log and cache.log, but I've seen this on the
message.log.
Is this a big problem? how can I prevent this?
Thanks,
Wennie
You can enable syn-cookies (prevent syn-flood attacks):
$ echo "1" >/proc/sys/net/ipv4/tcp_syncookies
or
reduce number of possible SYN Floods:
$ echo "1024" >/proc/sys/net/ipv4/tcp_max_syn_backlog
you can need a iptables script and see the 'limit' module in iptables.
Thanks
Emilio C.
