Securing a server from SYN flooding DoS attacks

As the internet grows larger day by day, the security risks for your servers also increase. If your server is connected to the internet and hosts popular, high-traffic websites, there is a high chance that it will be hit by SYN flooding. SYN flooding is a kind of DoS attack, a.k.a. “Denial of Service” attack.

SYN

SYN packets are the specific packets used to establish a TCP connection: a packet that sends a message to the host, something like “Hello, is there anyone on this port?”
If a server is alive, it responds, “Yes, a service is listening.”
Now the final step: an ACK packet is sent back to the service, telling it “OK, let's begin our talk.”

And this starts the exchange of information between client and server.

SYN flooding

SYN flooding is a kind of DoS attack in which a large number of SYN packets are sent until the server's capacity is full and it can no longer receive any more packets.
The basic purpose of a SYN flood is to send so many SYN requests that they consume all the capacity of the server, so that the server cannot establish any more connections and gives a “timed out” error.
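
One way to see the effect described above on a Linux server, as an added example that is not part of the original post: the script counts half-open connections (state SYN_RECV, where the final ACK never arrived) per local port from text in /proc/net/tcp layout. The sample data, the function names and the threshold of 3 are assumptions chosen for illustration.

```python
import socket
import struct
from collections import Counter

SYN_RECV = 0x03  # kernel state code: SYN received, final ACK of the handshake still missing

# Constructed sample in /proc/net/tcp layout (not captured from a real host):
# one listener on port 80, three half-open connections to it, one established SSH session.
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 1001
   1: 0A00000A:0050 0B7100CB:C001 03 00000000:00000000 01:00000064 00000001     0        0 0
   2: 0A00000A:0050 0C7100CB:C002 03 00000000:00000000 01:00000064 00000001     0        0 0
   3: 0A00000A:0050 0D7100CB:C003 03 00000000:00000000 01:00000064 00000001     0        0 0
   4: 0A00000A:0016 056433C6:D431 01 00000000:00000000 00:00000000 00000000     0        0 1002
"""


def decode_addr(field):
    """Turn '0B7100CB:C001' into ('203.0.113.11', 49153).

    The IPv4 address is printed as little-endian hex on x86 hosts; the port is plain hex.
    """
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def half_open_by_port(text):
    """Count sockets in SYN_RECV state per local (listening) port."""
    counts = Counter()
    for line in text.splitlines()[1:]:      # skip the header row
        cols = line.split()
        if len(cols) < 4:
            continue                        # ignore blank or truncated rows
        if int(cols[3], 16) == SYN_RECV:
            counts[decode_addr(cols[1])[1]] += 1
    return counts


def flooded_ports(text, threshold):
    """Ports whose half-open count reaches the threshold (an assumed alert level)."""
    return sorted(p for p, n in half_open_by_port(text).items() if n >= threshold)


if __name__ == "__main__":
    # On a live Linux host, pass open("/proc/net/tcp").read() instead of SAMPLE.
    print(dict(half_open_by_port(SAMPLE)), flooded_ports(SAMPLE, threshold=3))
```

A half-open count that keeps climbing on one port while established connections stay flat is the pattern to watch for; a sensible threshold depends on the server's normal traffic.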

Be aware that there is no way to discard this kind of attack, but THERE are ways to reduce the impact of such attacks.

Edit /etc/sysctl.conf

and add

Edit iptables firewall

You can run those iptables rules on your server one by one, or just download the file from here, chmod it to 755 and run it.

Keep smiling 🙂

About shk

shk is a DevOps engineer with more than 12 years of experience in different organizations. He is enthusiastic about learning new technologies and shares his knowledge through his blogs.

Comments

  1. Hello there,
    Good post although I have not yet tried it.

    How can someone implement those iptables rules if SHOREWALL is in place?
    Do you know?

    Thank you
