TCP: drop open request from xxx.xxx.xxx.xxx

March 27th, 2008
Posted in System Administration
By jrod
Write comment

massive syn-floods can cause this. I have learned some tricks that can help mitigate these attacks.

echo 30 > /proc/sys/net/ipv4/tcp_fin_timeout
echo 1800 > /proc/sys/net/ipv4/tcp_keepalive_time
echo 1 > /proc/sys/net/ipv4/tcp_window_scaling
echo 0 > /proc/sys/net/ipv4/tcp_timestamps
echo 0 > /proc/sys/net/ipv4/tcp_sack
echo 1280 > /proc/sys/net/ipv4/tcp_max_syn_backlog
echo 1 > /proc/sys/net/ipv4/tcp_syncookies
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_broadcasts
echo 1 > /proc/sys/net/ipv4/icmp_ignore_bogus_error_responses
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
echo 1 > /proc/sys/net/ipv4/conf/all/log_martians
echo 65535 > /proc/sys/net/ipv4/ip_conntrack_max

TCP: drop open request from xxx.xxx.xxx.xxx

Write comment

- slim
- September 9th, 2009 4:18am
- REPLY
- QUOTE
this is lame:
echo “1″ > /proc/sys/net/ipv4/conf/all/accept_redirects
- jrod
- September 9th, 2009 5:17pm
- REPLY
- QUOTE
whoops, that was supposed to be ‘echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects’ , changed in post.

TrackBack URL

No trackbacks yet.

Useful mysql queries for plesk

Installing APC

Return top

Cal

March 2008
M	T	W	T	F	S	S
		Apr »
	1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28	29	30
31

Recent

Theme designed by mono-lab
Powered by WordPress

NO CARRIER