Home > Article > System Tutorial > Detailed explanation of steps to defend against SYN attacks in Linux
sysctl -a | grep _syn net.ipv4.tcp_max_syn_backlog = 1024 net.ipv4.tcp_syncookies = 1 net.ipv4.tcp_synack_retries = 5 net.ipv4.tcp_syn_retries = 5
tcp_max_syn_backlog is the length of the SYN queue. Increasing the length of the SYN queue can accommodate more network connections waiting for connections. tcp_syncookies is a switch, whether to turn on the SYN Cookie function, which can prevent some SYN attacks. tcp_synack_retries and tcp_syn_retries define the number of SYN connection retries, and reduce the default parameters to control the number of SYN connections as little as possible.
ulimit -HSn 65535 sysctl -w net.ipv4.tcp_max_syn_backlog=2048 sysctl -w net.ipv4.tcp_syncookies=1 sysctl -w net.ipv4.tcp_synack_retries=2 sysctl -w net.ipv4.tcp_syn_retries=2
#Syn 洪水攻击(--limit 1/s 限制syn并发数每秒1次) iptables -A INPUT -p tcp --syn -m limit --limit 1/s -j ACCEPT #防端口扫描 iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/s -j ACCEPT #防洪水ping iptables -A FORWARD -p icmp --icmp-type echo-request -m limit --limit 1/s -j ACCEPT
Finally, don’t forget to write the commands in 2, 3 and 3 to /etc/rc.d/rc.local
The above is the detailed content of Detailed explanation of steps to defend against SYN attacks in Linux. For more information, please follow other related articles on the PHP Chinese website!