[olug] SYN Flood Protection

Daniel Linder dan at linder.org
Tue Jan 17 22:08:45 UTC 2006





On Tue, January 17, 2006 15:45, Charles Bird wrote:

> The resources that I have been using is my buddy and a little bit on
the

> web, I dont have the URL atm but i know I started out on:

>
http://www.cyberciti.biz/nixcraft/vivek/blogger/2005/07/linux-iptables-10-how-to-block-common.html

> and then I was in alot of other sites, no books.



Thanks, i'll peruse that later...



> I believe my buddy has the tools to crash but if not then may take
longer

> for my to figure that out since i dont have anything like that on
hand.

> Would Pentoo have that on disc perhaps? I know it has "cisco
torch" so I

> am assuming that it can ddos too.



When you say "crash", do you mean a true kernel panic and/or
taking the OS down, and/or make the firewall un-usable to pass
packets?



The latter is quite easy to do if you have the system log too much -- from
experience, I know that you don't want your Internet-exposed firwall
device logging each denied packet. :(  Since I was only wanting an
overview of what was happening, I used the --limit/--limit-burst options
to limit my logging after that.



Dan



- - - -

"Wait for that wisest of all counselors, time." -- Pericles

"I do not fear computers, I fear the lack of them." -- Isaac
Asimov

GPG fingerprint:6FFD DB94 7B96 0FD8 EADF  2EE0 B2B0 CC47 4FDE 9B68



More information about the OLUG mailing list