On Fri, Aug 21, 2009 at 04:34:18PM +0200, Pascal Hambourg wrote: > Make an exception to the syn flood protection for TCP port 80 (or any > port apache listens on), with at least a much higher limit than 1/s. How > high ? Well, as high as your system can take without choking. As a side note somebody doesn't need to SYN-flood Apache to bring it down, have a look at Slowloris [1]. Simon [1]: http://ha.ckers.org/slowloris/ -- + privacy is necessary + using http://gnupg.org + public key id: 0x92FEFDB7E44C32F9
Attachment:
signature.asc
Description: Digital signature
