A SYN Attack is a denial of service DoS attack that consumes all the resources on your machine, forcing you to reboot. Denial of service attacks -attacks which incapacitate a server due to high
traffic volume or ones that tie-up system resources enough that the server cannot respond to a legitimate connection request from a remote system) are easily achievable from internal resources
or external connections via extranets and Internet. To enable it, you have to do:
[root@deep] /# echo 1 > /proc/sys/net/ipv4/tcp_syncookies
|
Add the above commands to the
/etc/rc.d/rc.local script file and you'll not have to type it again the next time you reboot your system.
Edit the
/etc/sysctl.conf file and add the following line:
# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1
|
You must restart your network for the change to take effect. The command to restart the network is the following:
[root@deep] /# /etc/rc.d/init.d/network restart
Setting network parameters [ OK ]
Bringing up interface lo [ OK ]
Bringing up interface eth0 [ OK ]
Bringing up interface eth1 [ OK ]
|
If you receive an error message during execution of the above command, check that you have enabled the
TCP syncookies option in your kernel configuration:
IP: TCP syncookie support not enabled per default CONFIG_SYN_COOKIES Y/n/?.
