Richard,
Thank you for your reply. I am not sure about the Kernel. to Tell you the
truth I haven't installed the kernel source yet I'm Pretty low on Hard drive
Space so I haven't had the opportunity. I am Running the Default RH 6.1
Kernel if that means anything. I already have the kernel source and know to
configure it I just haven't had time to do it just yet. I have one question
about compiling the kernel. When I Run uname -a I see [EMAIL PROTECTED]
Well I want to Change this to [EMAIL PROTECTED] what file would I edit
to change this? I Have Looked in the Makefile and do not see any options for
it But then again the only kernel I have ever compiled is the 2.2.13 source
off of kernel.org.
Tonight I will have to find a way to clear up 50 Meg of room or so and do a
recompile. I think I have like 2 or 3 different kernel sources archived
anyway so I will go home and do this
#cd /usr/src
#tar -xzf /home/chrisben/download/linux-2.2.13.tgz
#ln -sf linux-2.2.13 linux
#cd linux
#pico Makefile
#make menuconfig
#make dep clean bzImage modules modules_install
then move the new kernel to the proper location, pico lilo.conf and then run
lilo to change the MBR
I should be okay to delete all the old kernels, kernel source, and
modules... right? I will obviously keep a spare boot disk handy but Should
not have any problems. One thing I run into is that there is so much stuff
compiled into a Standard Kernel that if I try and compile a kernel with
everything that is in the standard one that the Kernel is too big.
I have a lot to compile into the kernel. I know for a fact that a Kernel in
FreeBSD can Be Gigantic and that there is not real limitation. is there a
reason for the small Limit?
Thank you Very Much for the Information. I think that this is something that
I will have to take not of as Everyone should have compiled in to their
Kernel! then all it looks like I will need added in to My Firewall script
would then be:
echo 1 >/proc/sys/net/ipv4/tcp_syncookies
Thank you For the suggestion!
Regards,
Chris Bennett
> -----Original Message-----
> From: Richard Adams [SMTP:[EMAIL PROTECTED]]
> Sent: Tuesday, December 28, 1999 12:13 PM
> To: Chris Bennett
> Cc: [EMAIL PROTECTED]
> Subject: Re: Synflood Attack
>
> On Thu, 23 Dec 1999, Chris Bennett wrote about, Synflood Attack:
> > Last night I was the Victim of a synflood attack.I Had thought that I
> had a
> > pretty good Firewall set up with IP Chains I was able to sign ofline,
> block
> > the offending packets and then go boack online (boy that made one hell
> of a
> > log file!
> > the attack used www.fbi.gov for a relay so I sent them an e-mail about
> the
> > attack, but would like to know if there's sonthing I can do to prevent
> this
> > from happening again
> > If anyone has any experience in this area I would love to hear some
> > sugestions
> > What I would like to do is detact the attacks and then deny all
> conections
> > from that IP Address.
>
> Do you have "CONFIG_SYN_COOKIES" defined in your kernel ??.
> If not remake the kernel and define it.
> Read /usr/src/linux/Documentation/Configure.help
>
>
> > REgards,
> > Chris Bennett
> --
> Regards Richard
> [EMAIL PROTECTED]
> http://people.zeelandnet.nl/pa3gcu/
> Merry Xmas.
