Solved

syncattackprotect

Posted on 2010-09-24
8
346 Views
Last Modified: 2012-05-10
how can i check what is the status on this in the OS? what is the recommended setting on this?

thanks
0
Comment
Question by:anushahanna
  • 4
  • 4
8 Comments
 
LVL 30

Expert Comment

by:Rich Weissler
ID: 33755565
Do you mean Syn Attack DoS?
http://support.microsoft.com/kb/324270

"
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services
NOTE: All values are in hexadecimal unless otherwise noted.

    * Value name: SynAttackProtect
      Key: Tcpip\Parameters
      Value Type: REG_DWORD
      Valid Range: 0,1
      Default: 0

      This registry value causes Transmission Control Protocol (TCP) to adjust retransmission of SYN-ACKS. When you configure this value, the connection responses time out more quickly during a SYN attack (a type of denial of service attack).

      The following parameters can be used with this registry value:
          o 0 (default value): No SYN attack protection
          o 1: Set SynAttackProtect to 1 for better protection against SYN attacks. This parameter causes TCP to adjust the retransmission of SYN-ACKS. When you set SynAttackProtect to 1, connection responses time out more quickly if the system detects that a SYN attack is in progress. Windows uses the following values to determine whether an attack is in progress:
                + TcpMaxPortsExhausted
                + TCPMaxHalfOpen
                + TCPMaxHalfOpenRetried
      Note In Windows Server 2003 Service Pack 1, the default value for the SynAttackProtect registry entry is 1.
"
0
 
LVL 6

Author Comment

by:anushahanna
ID: 33756487
Razmus,
I do not see SynAttackProtect option under
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters
or
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services

does that mean it is just not set up.

thanks
0
 
LVL 30

Expert Comment

by:Rich Weissler
ID: 33756604
Yes, I believe that would mean it's not set up.
Has the server not yet received SP1?
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 
LVL 6

Author Comment

by:anushahanna
ID: 33756687
it is at Enterprise 2003 OS with SP2.

it has to be manually setup?
0
 
LVL 30

Expert Comment

by:Rich Weissler
ID: 33756724
In that case, no... if you are post SP1, the default is protection enabled.
0
 
LVL 6

Author Comment

by:anushahanna
ID: 33756843
>>if you are post SP1, the default is protection enabled.

and it will not be seen in registry, either?
0
 
LVL 30

Accepted Solution

by:
Rich Weissler earned 500 total points
ID: 33756907
Yes.
This article: http://support.microsoft.com/kb/910229 references an issue with windows 2003, when the SP is installed.
"To resolve this issue, use the regedit.exe utility to add a new DWORD value named SynAttackProtect to the registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\ with value data of 00000000. "
Specifies specifically ADDING the key to the registry to be able to turn the feature off... the value defaults to 1 (on) if the key is missing.
0
 
LVL 6

Author Comment

by:anushahanna
ID: 33756968
Thanks a bunch my friend.
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now