User Tools
docu:csheet:net:firewall:syn_flooding
This is an old revision of the document!
Protect your *nix server from SYN flooding
This are some basic anti-script-kiddie sysctl configurations to protect your server from SYN flooding
- /etc/sysctl.conf
net.ipv4.conf.default.rp_filter=1 net.ipv4.conf.all.rp_filter=1 net.ipv4.tcp_syncookies=1 net.ipv4.tcp_max_syn_backlog=2048 net.ipv4.tcp_synack_retries=3
You can apply this changes live without rebooting using sysctl, for example:
<code bash>
sysctl net.ipv4.conf.default.rp_filter=1
</code bash>
Source: https://serverfault.com/questions/459607/tune-linux-kernel-against-syn-flood-attack
docu/csheet/net/firewall/syn_flooding.1586008796.txt.gz · Last modified: 2020/04/04 13:59 by admin
Except where otherwise noted, content on this wiki is licensed under the following license: GNU Free Documentation License 1.3
