Heya,
FREEBSD 4.9-STABLE
Is there anyway to block SYN attacks and prevent it from bring down
my server?
Its been attacking for sometime.
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe
On Tuesday 06 April 2004 12:01 pm, Spades wrote:
Heya,
FREEBSD 4.9-STABLE
Is there anyway to block SYN attacks and prevent it from bring down
my server?
Its been attacking for sometime.
Checkout the link below. There's a series of articles regarding firewalls in
FreeBSD:
http
the
# counter.
Thanks for your help.
Syn cookies are relatively new to FreeBSD. Long time ago, FreeBSD
had different protection for syn attacks (dropping of random SYN
packets, progressively increasing as SYN flood increases).
I use an ipfw pipe with dummynet kernel
.
- Original Message -
From: Per Engelbrecht [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Saturday, February 07, 2004 5:58 PM
Subject: Re: SYN Attacks - how i cant stop it
Hi,
snip
all nights. Check this.
Feb 6 11:54:24 TCP: port scan detected [port 6667] from
.
- Original Message -
From: Per Engelbrecht [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Sent: Saturday, February 07, 2004 5:58 PM
Subject: Re: SYN Attacks - how i cant stop it
Hi,
snip
all nights. Check this.
Feb 6 11:54:24 TCP: port scan detected [port 6667] from
PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Anton
Alin-Adrian
Sent: Friday, February 13, 2004 10:27 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: SYN Attacks - how i cant stop it
Most important, you did turn on syncookies, did you not?
FreeBSD is pretty immune to syn floods
JJB wrote:
You talk about the net.inet.tcp.syncookies=1 knob,
how about an description on what it does and why you
are recommending using it.
The net.inet.tcp.syncookies 'knob', if set to 1, enables syn cookies.
Syn cookies were invented specifically for syn flood protection. A brief
description
/messages /var/log/security.log.
# The following statements enable this function.
# man tcp(4) and man udp(4) contain a little information on these
MIBs
net.inet.tcp.log_in_vain=1
net.inet.udp.log_in_vain=1
# To defend against SYN