Latest kernel provides a TCP SYN Cookie feature to defense from SYN flooding. -daveti > On Nov 6, 2014, at 11:58 PM, Silvan Jegen <me@xxxxxxxxxxx> wrote: > > 2014-11-06 16:15,Puneet Agarwal: >> Is there a way to check the reason, why they do not answer to the >> SYN-ACK's? > > I don't think so. After all, they just don't answer and they won't tell > you why (AFAIK there is no way to ask them why either)... > > You could try to check for patterns in the incoming IP addresses to see > from how many different places these connections are being made. I think > that way it should be possible to figure out from which geographic > location these problematic connections are coming from as well. What you > would do with these findings I am not sure though. > > If these connection negatively impact the performance of your servers > you should definitely look into to countermeasures mentioned in the RFC > here. > > http://tools.ietf.org/html/rfc4987 > > > _______________________________________________ > Kernelnewbies mailing list > Kernelnewbies@xxxxxxxxxxxxxxxxx > http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies _______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
