[olug] SYN Flood Protection
Daniel Linder
dan at linder.org
Tue Jan 17 22:08:45 UTC 2006
On Tue, January 17, 2006 15:45, Charles Bird wrote:
> The resources that I have been using is my buddy and a little bit on
the
> web, I dont have the URL atm but i know I started out on:
>
http://www.cyberciti.biz/nixcraft/vivek/blogger/2005/07/linux-iptables-10-how-to-block-common.html
> and then I was in alot of other sites, no books.
Thanks, i'll peruse that later...
> I believe my buddy has the tools to crash but if not then may take
longer
> for my to figure that out since i dont have anything like that on
hand.
> Would Pentoo have that on disc perhaps? I know it has "cisco
torch" so I
> am assuming that it can ddos too.
When you say "crash", do you mean a true kernel panic and/or
taking the OS down, and/or make the firewall un-usable to pass
packets?
The latter is quite easy to do if you have the system log too much -- from
experience, I know that you don't want your Internet-exposed firwall
device logging each denied packet. :( Since I was only wanting an
overview of what was happening, I used the --limit/--limit-burst options
to limit my logging after that.
Dan
- - - -
"Wait for that wisest of all counselors, time." -- Pericles
"I do not fear computers, I fear the lack of them." -- Isaac
Asimov
GPG fingerprint:6FFD DB94 7B96 0FD8 EADF 2EE0 B2B0 CC47 4FDE 9B68
More information about the OLUG
mailing list