Hardening the TCP/IP stack to SYN attacks
Once upon a time, there was a TCP/IP stack and hackers. One of the most popular attacks against TCP/IP stack is TCP SYN flood. It is not just the problem of implementation but also the TCP/IP stack itself. If you have servers in the wild, you must harden those servers.
Windows 2000
Modify values in below registry keys:
HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
SynAttackProtect = 1TcpMaxHalfOpen = 500TcpMaxHalfOpenRetried = 400TcpMaxPortsExhausted = 5
Linux
There is only one modification for Linux.
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
- sugree's blog
- 1043 reads
User login
Recent comments
-
Pyjamas 0.3 Released
3 years 3 weeks ago -
ผมว่าใช้ี
3 years 8 weeks ago -
Drupal is big thing!
3 years 8 weeks ago -
Adding a box to an existing form
3 years 9 weeks ago -
just a question, how to
3 years 9 weeks ago -
add a horizontal line after every data in Script
3 years 11 weeks ago -
I'm just getting into using
3 years 11 weeks ago -
how to create simple sap script i need the steps with snap shot
3 years 12 weeks ago -
แต้งค่า........
3 years 12 weeks ago -
Hi, I tried to execute the
3 years 12 weeks ago
Navigation
Who's online
There are currently 0 users and 21 guests online.
Syndicate
Post new comment