On Mon, 19 Jan 2015, Michael van Elst wrote:
Date: Mon, 19 Jan 2015 09:24:02 +0000 (UTC)
From: Michael van Elst <[email protected]>
To: [email protected]
Newsgroups: lists.netbsd.current-users
Subject: Re: DoS attack against TCP services
[email protected] writes:
Unfortunately, all TCP connections are now in the TIME_WAIT state.
bash-4.3 # netstat -a -n | grep TIME_WAIT | wc -l
34611
Is there a way to remove it without rebooting the server?
tcpdrop(8)?
It works. But why doesn't drop the kernel it automatically?
TCP connections in TIME_WAIT will expire after some time, usually between
10 and 60 seconds after a connection is closed. The timeout depends on
the distance of the remote machine.
Yes, but in my case the connections are not expired after over one hour.
Uwe
