Solved

How to avoid SYN Flood attacks (kernel 2.0.34)

Posted on 1998-07-06
3
497 Views
Last Modified: 2010-05-19
I administer a Linux internet server, and we have been victim to various SYN Flooding attacks, on
ports 25, 23, 21, 110 and 80.  The source IP's of the attacks are spoofed randomly, so we cannot
use IP filtering, since we are an ISP and would be denying access to our own customers.

I use linux kernel 2.0.33, with SYN Cookies and RST Cookies compiled in.  I see all the
syslog messages saying that a I am being attacked and so on.  Even with these two kernel
options compiled, the attack is still working, the backlog on the ports are still being flooded
and i am unable to access them.

Is there any effective free solution to this SYn flood, apart from filtering source IPs (not possible)
and buying a commercial firewall, like Checkpoint Firewall-1 (not viable)?

Thank you.

0
Comment
Question by:lincoln
3 Comments
 

Author Comment

by:lincoln
ID: 1584689
Edited text of question
0
 
LVL 2

Expert Comment

by:JYoungman
ID: 1584690
Are you getting the "sending cookies" message?  Do you get it once a minute?  
0
 
LVL 3

Accepted Solution

by:
marcelofr earned 200 total points
ID: 1584691
As far as I know you can't stop syn-floods... You can detect and log them, maybe block the ip, adjust kernel parameters to let the machine work even with a syn-flood, but that's all you can do..

Good luck,

--
Marcelo
0

Featured Post

Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Note: for this to work properly you need to use a Cross-Over network cable. 1. Connect both servers S1 and S2 on the second network slots respectively. Note that you can use the 1st slots but usually these would be occupied by the Service Provide…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question