SYN attacks

2004-04-06 Thread Spades
Heya, FREEBSD 4.9-STABLE Is there anyway to block SYN attacks and prevent it from bring down my server? Its been attacking for sometime. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe

Re: SYN attacks

2004-04-06 Thread Andrew L. Gould
On Tuesday 06 April 2004 12:01 pm, Spades wrote: Heya, FREEBSD 4.9-STABLE Is there anyway to block SYN attacks and prevent it from bring down my server? Its been attacking for sometime. Checkout the link below. There's a series of articles regarding firewalls in FreeBSD: http

Re: SYN Attacks - how i cant stop it

2004-02-14 Thread Anton Alin-Adrian
the # counter. Thanks for your help. Syn cookies are relatively new to FreeBSD. Long time ago, FreeBSD had different protection for syn attacks (dropping of random SYN packets, progressively increasing as SYN flood increases). I use an ipfw pipe with dummynet kernel

Re: SYN Attacks - how i cant stop it

2004-02-13 Thread Spades
. - Original Message - From: Per Engelbrecht [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, February 07, 2004 5:58 PM Subject: Re: SYN Attacks - how i cant stop it Hi, snip all nights. Check this. Feb 6 11:54:24 TCP: port scan detected [port 6667] from

Re: SYN Attacks - how i cant stop it

2004-02-13 Thread Anton Alin-Adrian
. - Original Message - From: Per Engelbrecht [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Saturday, February 07, 2004 5:58 PM Subject: Re: SYN Attacks - how i cant stop it Hi, snip all nights. Check this. Feb 6 11:54:24 TCP: port scan detected [port 6667] from

RE: SYN Attacks - how i cant stop it

2004-02-13 Thread JJB
PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Anton Alin-Adrian Sent: Friday, February 13, 2004 10:27 AM To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Subject: Re: SYN Attacks - how i cant stop it Most important, you did turn on syncookies, did you not? FreeBSD is pretty immune to syn floods

Re: SYN Attacks - how i cant stop it

2004-02-13 Thread Anton Alin-Adrian
JJB wrote: You talk about the net.inet.tcp.syncookies=1 knob, how about an description on what it does and why you are recommending using it. The net.inet.tcp.syncookies 'knob', if set to 1, enables syn cookies. Syn cookies were invented specifically for syn flood protection. A brief description

RE: SYN Attacks - how i cant stop it

2004-02-13 Thread JJB
/messages /var/log/security.log. # The following statements enable this function. # man tcp(4) and man udp(4) contain a little information on these MIBs net.inet.tcp.log_in_vain=1 net.inet.udp.log_in_vain=1 # To defend against SYN