Use the Linux system firewall function to defend against network attacks-Linux Enterprise applications-Linux server application information. For details, refer to the following section. VM service providers may be attacked by hackers during operation. Common attacks include SYN and DDOS attacks. By changing the IP address, it is possible to find the attacked site to avoid the attack, but the service interruption takes a long time. A thorough solution is to add a hardware firewall. However, hardware firewalls are expensive. You can consider using the firewall function provided by the Linux system to defend against attacks.
1. resist SYN
SYN attacks use the three-way handshake principle of the TCP/IP protocol to send a large number of network packets that establish connections, but do not actually establish connections. As a result, the network queue of the attacked server is full, cannot be accessed by normal users.
The Linux Kernel provides several SYN-related configurations. Run the following command: