A question asked in the group by the student Xiamen-Chi on June 21:
Is it impossible to defend against a SYN flood?
I just saw this question in the study group. I am still teaching, so I am using a break to give you a few simple ideas.
Old Boy's simple pointers are as follows:
1. First, understand what a SYN flood is.
A SYN flood is one of the forms of DoS (denial of service) and DDoS (distributed denial of service) attack. It exploits a weakness in the TCP protocol by sending a large number of forged TCP connection requests, so that the resources of the attacked party are exhausted.
2. Understand how the TCP/IP three-way handshake and four-way connection teardown work.
04 - Old Boy Linux technology sharing: the OSI seven-layer model and protocols, packet encapsulation and decapsulation
http://www.tudou.com/programs/view/sP9JY_KranA/
05 - Old Boy Linux technology sharing: the TCP three-way handshake and four-way teardown process in detail
http://www.tudou.com/programs/view/XjHCDedZQa8/
3. Basic ideas for dealing with a SYN flood
1) Kernel tuning can mitigate it
For example:
A. SYN connection queue size settings.
B. Time-out settings.
C. Enable SYN cookie processing.
For details, see the kernel optimization section in the first part of the video course at http://edu.51cto.com/pack/view/id-285.html
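A check for the three kernel settings A, B and C above, added here as an example and not taken from the original article or its videos. It assumes they correspond to the Linux sysctl keys net.ipv4.tcp_max_syn_backlog, net.ipv4.tcp_synack_retries and net.ipv4.tcp_syncookies; the thresholds and the sample input are constructed for illustration.

```shell
#!/bin/sh
# Thresholds are assumptions for this example, not values from the article.
MIN_BACKLOG=4096       # A: smallest acceptable SYN queue size
MAX_SYNACK_RETRIES=2   # B: most SYN-ACK retransmissions before a half-open entry times out

# check_syn_sysctl: reads "key = value" lines (sysctl -a format) on stdin,
# prints one finding per weak or missing setting, returns 1 if any was found.
check_syn_sysctl() {
    awk -v minb="$MIN_BACKLOG" -v maxr="$MAX_SYNACK_RETRIES" '
        BEGIN { FS = "[ \t]*=[ \t]*" }
        /^[ \t]*(#|$)/ { next }                      # skip comments and blank lines
        { sub(/^[ \t]+/, "", $1); v[$1] = $2 + 0; seen[$1] = 1 }
        function need(k) {
            if (!(k in seen)) { print "MISSING " k; bad = 1; return 0 }
            return 1
        }
        END {
            k = "net.ipv4.tcp_max_syn_backlog"       # A: queue size
            if (need(k) && v[k] < minb) { print "WEAK " k "=" v[k] " (want >= " minb ")"; bad = 1 }
            k = "net.ipv4.tcp_synack_retries"        # B: time-out
            if (need(k) && v[k] > maxr) { print "WEAK " k "=" v[k] " (want <= " maxr ")"; bad = 1 }
            k = "net.ipv4.tcp_syncookies"            # C: 0 means SYN cookies are disabled
            if (need(k) && v[k] == 0) { print "WEAK " k "=0 (want 1)"; bad = 1 }
            exit bad + 0
        }'
}

# Constructed sample (not captured from a real host).
SAMPLE='net.ipv4.tcp_max_syn_backlog = 128
net.ipv4.tcp_synack_retries = 5
net.ipv4.tcp_syncookies = 0'
printf '%s\n' "$SAMPLE" | check_syn_sysctl || echo "-> tune the settings listed above"
```

On a live Linux host the same function can be fed with: sysctl -a 2>/dev/null | check_syn_sysctl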
4. Controlling it with iptables
Old Boy Education enterprise iptables interview question: handling SYN attacks with a custom chain
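# Create a custom chain for SYN handling
iptables -N syn-flood
# Send every incoming TCP SYN on eth0 to that chain
iptables -A INPUT -i eth0 -p tcp --syn -j syn-flood
# SYNs within the rate limit return to INPUT for normal processing
iptables -A syn-flood -m limit --limit 5000/s --limit-burst 200 -j RETURN
# SYNs above the limit are dropped (the limit is global, not per source)
iptables -A syn-flood -j DROP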
The above comes from the Old Boy Education VIP videos, which say that understanding these points is enough for an interview for a job with a monthly salary of 10,000!
This article is from the "Old boy Linux ops" blog, please be sure to keep this source http://oldboy.blog.51cto.com/2561410/1689897
Some ideas on how to defend against a SYN flood!