Nasser Heidari

2009-04-11

Protecting Server Against TCP Syn-Flood Attack !!!

Filed under: Linux,Security Tips and Issues — Nasser Heidari @ 00:24
Two ways to do it. The first counts per source address with the recent match: a source that sends 60 or more SYNs within one second gets dropped. Note that the --update rule on its own never matches, because nothing ever puts an address into the list; the --set rule is what records each SYN. Both are inserted with -I, so after these two commands the DROP check sits first in INPUT and the --set rule right after it:

iptables -I INPUT -m state --state NEW -p tcp -m tcp --syn -m recent --name synflood --set
iptables -I INPUT -m state --state NEW -p tcp -m tcp --syn -m recent --name synflood --update --seconds 1 --hitcount 60 -j DROP

Older kernels refuse a --hitcount larger than the xt_recent module parameter ip_pkt_list_tot (default 20); if the second rule is rejected, load the module with ip_pkt_list_tot=60 or lower the hitcount. Per-source counting only helps when the attacker does not spoof source addresses: a spoofed flood shows up as one SYN per address and never reaches the threshold.

The second is a global rate limit on all inbound SYNs arriving on eth0, using a dedicated chain:

iptables -N syn-flood

iptables -A syn-flood -m limit --limit 10/s --limit-burst 24 -j RETURN

iptables -A syn-flood -j DROP

iptables -I INPUT -i eth0 -p tcp --syn -j syn-flood

These rules limit new inbound TCP connections (packets with the SYN bit set) to an average of 10 per second. The limit match is a token bucket: up to 24 SYNs are accepted at once, after which the bucket refills at 10 per second and every SYN that finds it empty is dropped. This limit is global, not per source, so during an attack legitimate clients compete with the attacker for the same 10 connections per second. Combine it with the per-source rule above, and enable net.ipv4.tcp_syncookies=1 so the kernel can keep accepting connections when the SYN backlog fills up regardless of what the firewall lets through.
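The following script is an added example, not code from the original post: it installs both controls described above (the per-source recent counter and the global limit chain) in one syn-flood chain, adds a rate-limited LOG rule before the DROP, sets the SYN-cookie sysctl, and can be re-run safely. Everything not on the page is an assumption: the interface variable IFACE (default eth0), the per-source threshold PER_SOURCE_HITS (default 20, the largest --hitcount every kernel accepts without extra module parameters), the use of -m conntrack --ctstate NEW in place of -m state, and the DRY_RUN=1 switch that prints the commands instead of executing them so the script can be reviewed without root.

```shell
#!/bin/sh
# Added example, not code from the original post. Installs both SYN-flood
# controls described above plus the kernel's SYN-cookie fallback, and is
# safe to re-run. Assumptions not stated on the page: IFACE (default eth0),
# PER_SOURCE_HITS (default 20), conntrack instead of the state match, and
# DRY_RUN=1 to print commands instead of executing them.

IFACE="${IFACE:-eth0}"
PER_SOURCE_HITS="${PER_SOURCE_HITS:-20}"

# run CMD...: execute the command, or print it when DRY_RUN is set.
run() {
    if [ -n "${DRY_RUN:-}" ]; then
        echo "$*"
    else
        "$@"
    fi
}

# rule_exists CHAIN RULESPEC...: true if iptables already has the rule.
# In dry-run mode nothing exists, so every command is printed.
rule_exists() {
    [ -z "${DRY_RUN:-}" ] || return 1
    iptables -C "$@" 2>/dev/null
}

# ensure_jump CHAIN RULESPEC...: insert a rule at the top of CHAIN once.
ensure_jump() {
    rule_exists "$@" || run iptables -I "$@"
}

# install_synflood_chain: (re)build the syn-flood chain from scratch.
install_synflood_chain() {
    if [ -z "${DRY_RUN:-}" ] && iptables -L syn-flood -n >/dev/null 2>&1; then
        run iptables -F syn-flood
    else
        run iptables -N syn-flood
    fi
    # Per-source: record every SYN, then drop a source that has sent
    # PER_SOURCE_HITS or more within one second. Only effective against
    # attackers that do not spoof their source address.
    run iptables -A syn-flood -m recent --name synflood --set
    run iptables -A syn-flood -m recent --name synflood --update \
        --seconds 1 --hitcount "$PER_SOURCE_HITS" -j DROP
    # Global: token bucket of 24 SYNs refilling at 10/s, whoever sends them.
    run iptables -A syn-flood -m limit --limit 10/s --limit-burst 24 -j RETURN
    # Keep a rate-limited sample of what gets dropped, so a flood is visible
    # in the logs without the log itself being flooded.
    run iptables -A syn-flood -m limit --limit 5/min -j LOG --log-prefix "SYN-FLOOD: "
    run iptables -A syn-flood -j DROP
}

# apply_synflood_rules: full setup; returns 0 when every step succeeded.
apply_synflood_rules() {
    install_synflood_chain
    # Send only new inbound TCP connections on the external interface
    # through the chain.
    ensure_jump INPUT -i "$IFACE" -p tcp --syn -m conntrack --ctstate NEW -j syn-flood
    # Kernel fallback: SYN cookies let the host keep accepting connections
    # when the SYN backlog is full, which the rules above cannot guarantee.
    run sysctl -w net.ipv4.tcp_syncookies=1
}

if [ "${1:-}" = "apply" ]; then
    apply_synflood_rules
fi
```

Save it as, say, synflood.sh (the name is an assumption), review the commands with DRY_RUN=1 sh synflood.sh apply, then run sh synflood.sh apply as root. To check that the chain is doing something, iptables -L syn-flood -v -n shows per-rule packet and byte counters: the DROP line climbing while the RETURN line stays flat means SYNs are being refused, and the kernel log will carry the SYN-FLOOD: samples.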


2 Comments »

  1. yet.

    Comment by linkshop — 2009-04-11 @ 09:33

  2. Hi, nice post. I have been pondering this issue,so thanks for sharing. I’ll definitely be subscribing to your posts.

    Comment by How I Lost Thirty Pounds in Thirty Days — 2009-05-04 @ 06:22

