Answered by the Webhosting Experts
Tags +
...

Managed Services
at Hivelocity

Bare Metal Shouldn’t be a Grind
Let Hivelocity take the busy work out of your daily server maintenance with our Managed Services plans. Choose from 1 of 6 different managed service offerings. Standard and Premium plans available.

Questions about something specific? Chat now with one of our expert account managers and learn which plan is right for you and your customers!

With Managed Server Technicians on-site 24/7/365, your server is always in good hands.

Tags +
...
Tags
...
...

Identify and fix SYN attack

Identifying SYN attack
====================

Load becomes very inconcistant
netstat -an | grep SYN (if long list SYN_REC)
netstat -n -p|grep SYN_REC|wc -l (gives count of SYN attacks)
also checking acces_logs (if perticular IP found to be requesting most
then can block that IP)

Yyou can go for below
====================
iptables -A INPUT -p tcp --tcp-flags ALL NONE -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,FIN SYN,FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags SYN,RST SYN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags FIN,RST FIN,RST -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,FIN FIN -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,PSH PSH -j DROP
iptables -A INPUT -p tcp --tcp-flags ACK,URG URG -j DROP

echo 1 > /proc/sys/net/ipv4/tcp_syncookies
==============================
netstat -an | grep SYN | more

iptables -A INPUT -s IP -j DROP

iptables -A INPUT -s 168.75.16.116 -j DROP

iptables restart

Look for this lines in your /etc/httpd/conf/httpd.conf

Code:——————————————————————————–
# KeepAlive: Whether or not to allow persistent connections (more than
KeepAlive On
# MaxKeepAliveRequests: The maximum number of requests to allow
MaxKeepAliveRequests 100
# KeepAliveTimeout: Number of seconds to wait for the next request from the
KeepAliveTimeout 15
——————————————————————————–
Set KeepAlive On to Off with your favorite text editor
that should work, if not you may be a victim of DoS attack

======================================================

echo 90 > /proc/sys/net/ipv4/tcp_keepalive_time

Share

Facebook
Twitter
LinkedIn
Email
WhatsApp

Need More Personalized Help?

If you have any further issues, questions, or would like some assistance checking on this or anything else, please reach out to us from your my.hivelocity.net account and provide your server credentials within the encrypted field for the best possible security and support.

If you are unable to reach your my.hivelocity.net account or if you are on the go, please reach out from your valid my.hivelocity.net account email to us here at: support@hivelocity.net. We are also available to you through our phone and live chat system 24/7/365.