Questions about this topic? Sign up to ask in the talk tab.
Difference between revisions of "Syn-Cookies"
From NetSec
GertieUbpgdd (Talk | contribs) |
Gonzalo58T (Talk | contribs) (Was complete bullshit. Fixing it with proper info.) |
||
(One intermediate revision by one other user not shown) | |||
Line 1: | Line 1: | ||
− | Syn-cookies | + | Syn-cookies is a counter-measure against SYN flood attacks (see: [[DDoS_Attacks#Three_way_handshake_and_Connect_State|three-way tcp handshake]]) that enables resilience against these by storing the necessary state informations of the 3-way-handshake into some TCP headers (the Options and Timestamp headers) instead of keeping it in the server's RAM. Since it is a hack over TCP, Syn-cookies are usually automatically enabled during SYN-flood attacks by the operating system's network stack. |
− | + | ||
+ | To disable them on Linux, set net.ipv4.tcp_syncookies to 0 (or write 0 into /proc/sys/net/ipv4/tcp_syncookies) | ||
+ | |||
+ | Syn-Cookies protect servers from basic SYN flood attacks quite well. |
Latest revision as of 16:07, 28 September 2012
Syn-cookies is a counter-measure against SYN flood attacks (see: three-way tcp handshake) that enables resilience against these by storing the necessary state informations of the 3-way-handshake into some TCP headers (the Options and Timestamp headers) instead of keeping it in the server's RAM. Since it is a hack over TCP, Syn-cookies are usually automatically enabled during SYN-flood attacks by the operating system's network stack.
To disable them on Linux, set net.ipv4.tcp_syncookies to 0 (or write 0 into /proc/sys/net/ipv4/tcp_syncookies)
Syn-Cookies protect servers from basic SYN flood attacks quite well.