This is an old revision of the document!
This are some basic anti-script-kiddie sysctl configurations to protect your server from SYN flooding
net.ipv4.conf.default.rp_filter=1 net.ipv4.conf.all.rp_filter=1 net.ipv4.tcp_syncookies=1 net.ipv4.tcp_max_syn_backlog=2048 net.ipv4.tcp_synack_retries=3
You can apply this changes live without rebooting using sysctl, for example:
<code bash>
sysctl net.ipv4.conf.default.rp_filter=1
</code bash>
Source: https://serverfault.com/questions/459607/tune-linux-kernel-against-syn-flood-attack