[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Re: syn_flood dos attack (Nico Meijer)

Subject: Re: [cobalt-security] Re: syn_flood dos attack (Nico Meijer)
From: Nico Meijer <nico.meijer@xxxxxxxxx>
Date: Wed, 02 Jan 2002 09:03:48 +0100
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Hi Jordan,

[BTW - it's not iptables stuff]

Well, I tried using the iptables stuff- (echo 1 >
/proc/sys/net/ipv4/tcp_syncookies), and I still see the syn stuff, but I
think its working.  Apache hasn't crashed yet, which is great.  Thanks Nico,
I appreciate the info.

The SYN packets will always reach your box, of course. But if it really issomeone trying to do Bad Things, you'll be more secure than you were before.

Forgot to check the IP you mentioned in your original post. Just did and itis a mindspring.com IP. This fits right in with my findings on my boxen.


Have a great one... Nico

References:
- [cobalt-security] Re: syn_flood dos attack (Nico Meijer)
  - From: Jordan Lowe

Prev by Date: [cobalt-security] Re: syn_flood dos attack (Nico Meijer)
Next by Date: Re: [cobalt-security] Re: syn_flood dos attack (Nico Meijer)
Previous by thread: [cobalt-security] Re: syn_flood dos attack (Nico Meijer)
Next by thread: Re: [cobalt-security] Re: syn_flood dos attack (Nico Meijer)

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index