From owner-freebsd-questions Mon Mar 15 9:29:17 1999 Delivered-To: freebsd-questions@freebsd.org Received: from phoenix.unacom.com (phoenix.unacom.com [209.51.241.25]) by hub.freebsd.org (Postfix) with SMTP id 8B038150C2 for ; Mon, 15 Mar 1999 09:29:07 -0800 (PST) (envelope-from geniusj@phoenix.unacom.com) Received: (qmail 29486 invoked by uid 1000); 15 Mar 1999 17:28:48 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 15 Mar 1999 17:28:48 -0000 Date: Mon, 15 Mar 1999 12:28:48 -0500 (EST) From: The Tech-Admin Dude To: Ruslan Ermilov Cc: questions@FreeBSD.ORG Subject: Re: SYN attacks In-Reply-To: <19990315100709.D64525@relay.ucb.crimea.ua> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, 15 Mar 1999, Ruslan Ermilov wrote: > On Sun, Mar 14, 1999 at 09:51:30PM -0000, geniusj@phoenix.unacom.com wrote: > > Hi, if this is directed towards the wrong list, please forward it to the > > correct one.. My concern is that our server has been getting some massive > > SYN floods from, what we think arespoofed hosts recently. It has brought our > > system to its knees, even with its power (Dual 400 512 mb of ram). We would > > like to somehow restrict these zombie connections from building up so much > > .. I found somewhat of an old kernel patch, but due to the age of it, it isnt > > applicable any more. I would like any suggestions on stopping or weakening > > these attacks either by kernel patch or ip filtering.. Any suggestions are > > welcome. > > > > Thanks, > > Jason DiCioccio > > man 4 dummynet > That looks to be (and as I understood it) for limitting bandwidth going through a certain device, I dont want to llimit overall bandwidth of the system, the SYN attacks dont actually take much bandwidth, but they do take a big chunk of system resources and dont allow anyone else to login while they are going on.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message