
SYN cookie



I have very recently migrated my production farm to Linux from Solaris and have enabled the SYN cookie protection, hearing that they might actually work someday and save me :) The traffic to my site is around 5K hits/sec and it is almost always a destination for hackers with different kinds of attacks. I am totally new to Linux and after reading some internet articles on SYN cookies I have some questions which I am putting below.

My sincere apologies to everyone if this is not the right listserv for the kind of question I am asking, so feel free to kick me out.

My questions are:

1) Why does RedHat not have extensive documentation on this subject? I have tried my level best but couldn't find anything on the RH sites.

2) After enabling the protection, ideally I should not see any TIME_WAIT/CLOSE_WAIT connections in the netstat -na command. According to the limited documentation I could find, this protection does not work unless there is a SYN attack on the site. Is this statement true? How do I know if it's working or not for me without going through an attack?

3) However, after enabling this feature I do see this:

netstat -s|grep SYN
137445 invalid SYN cookies received

What does it mean?

Thanks for your time,

Amit Mohan
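
The counters behind questions 2 and 3 can be read directly from the kernel, shown here as an added example that is not part of the original post. The function names and the sample table are constructed for illustration; the sample reuses the 137445 figure from the post, and the other sample values are made up.

```shell
#!/bin/sh
# Added example: function names and sample data are constructed, not from the post.

# Print one TcpExt counter from a file in /proc/net/netstat format: pairs of
# lines, a header row of names then a row of values, each prefixed "TcpExt:".
tcpext_counter() {   # $1 = counter name, $2 = file (default: live kernel table)
    awk -v want="$1" '
        $1 == "TcpExt:" && !seen { for (i = 2; i <= NF; i++) col[$i] = i; seen = 1; next }
        $1 == "TcpExt:"          { if (want in col) print $(col[want]); exit }
    ' "${2:-/proc/net/netstat}"
}

# Describe the tcp_syncookies sysctl value ($1 = file, default: live setting).
syncookie_mode() {
    case "$(cat "${1:-/proc/sys/net/ipv4/tcp_syncookies}")" in
        0) echo "disabled" ;;
        1) echo "enabled, cookies sent when the SYN backlog overflows" ;;
        2) echo "enabled, cookies sent unconditionally" ;;
        *) echo "unknown" ;;
    esac
}

# One-line summary of the three syncookie counters.
# SyncookiesSent   > 0 means the kernel has actually fallen back to cookies.
# SyncookiesRecv   counts returning ACKs that validated as cookies.
# SyncookiesFailed is what netstat -s prints as "invalid SYN cookies received".
syncookie_report() {
    f="${1:-/proc/net/netstat}"
    echo "sent=$(tcpext_counter SyncookiesSent "$f")" \
         "validated=$(tcpext_counter SyncookiesRecv "$f")" \
         "invalid=$(tcpext_counter SyncookiesFailed "$f")"
}

# Constructed sample in /proc/net/netstat layout, for running offline.
sample_netstat() {
    cat <<'EOF'
TcpExt: SyncookiesSent SyncookiesRecv SyncookiesFailed EmbryonicRsts
TcpExt: 0 0 137445 12
IpExt: InNoRoutes InTruncatedPkts
IpExt: 0 0
EOF
}
```

On a live host, call `syncookie_mode` and `syncookie_report` with no arguments to read the running kernel's setting and counters.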

