Security Basics mailing list archives
RE: Preveting DDOS Syn floods on HTTP servers
From: Fernando Gont <fernando () gont com ar>
Date: Wed, 17 Mar 2004 01:10:58 -0300
At 16:22 09/03/2004 +0000, MARTIN M. BĂ©noni wrote:
Well, I do not know IIS, but on Apache tehere are a couple of options which can help preventing from DDOS attacks. Here are a buch of examples:- KeepAlive - MaxKeepAliveRequests - KeepAliveTimeout - ... I will not say you will or will not, I think you can just HELP PREVENTING!
Why should it help? TCP's keepalive was meant to clean the system from half open connections.So it should keick in *fter* a connection has been established, which is not the case of a SYN flood or a reflection attack, as the connections never get established.
For SYN flood, you should enable syncookies. -- Fernando Gont e-mail: fernando () gont com ar || fgont () acm org --------------------------------------------------------------------------- Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off any course! All of our class sizes are guaranteed to be 10 students or less to facilitate one-on-one interaction with one of our expert instructors. Attend a course taught by an expert instructor with years of in-the-field pen testing experience in our state of the art hacking lab. Master the skills of an Ethical Hacker to better assess the security of your organization. Visit us at: http://www.infosecinstitute.com/courses/ethical_hacking_training.html ----------------------------------------------------------------------------
Current thread:
- Preveting DDOS Syn floods on HTTP servers nabi1 (Mar 08)
- RE: Preveting DDOS Syn floods on HTTP servers Shaun Sturby, MCSE Optrics Engineering (Mar 08)
- Re: Preveting DDOS Syn floods on HTTP servers jamesworld (Mar 09)
- RE: Preveting DDOS Syn floods on HTTP servers Aditya, ALD [Aditya Lalit Deshmukh] (Mar 10)
- Re: Preveting DDOS Syn floods on HTTP servers Fernando Gont (Mar 17)
- <Possible follow-ups>
- RE: Preveting DDOS Syn floods on HTTP servers MARTIN M. Bénoni (Mar 09)
- RE: Preveting DDOS Syn floods on HTTP servers Fernando Gont (Mar 17)