Help on Syn flood with Apache
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Hi All,
I am using Apache 2.2 with mpm model as worker in RedHat 3.0.
When I do a dmesg from the command prompt I get lot of the below message
possible SYN flooding on port 84. Sending cookies.
possible SYN flooding on port 82. Sending cookies.
possible SYN flooding on port 81. Sending cookies.
possible SYN flooding on port 84. Sending cookies.
Those are the listening the ports of the Apache.I am having 4 different instances are running.When I do a netstat of lsof on a particular port I see SYN_RCV is taking 50 % of the connections, which may have caused the kernel to throw the "SYN_FLOOD_ATTACK", correct me if I am wrong.
I have the following configuration net.ipv4.tcp_max_syn_backlog = 1024 and net.ipv4.tcp_syncookies = 1 and net.ipv4.tcp_keepalive_time = 7200
So what would be the workaround for the above scenario, and what is the main issue it is causing the above behavior.Any help would be very much appreciated.
Thanks in advance
Regards
Arnab
[Index of Archives]
[Open SSH Users]
[Linux ACPI]
[Linux Kernel]
[Linux Laptop]
[Kernel Newbies]
[Security]
[Netfilter]
[Bugtraq]
[Squid]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Samba]
[Video 4 Linux]
[Device Mapper]
