[Subject Prev][Subject Next][Thread Prev][Thread Next][Subject Index][Thread Index]

SYN floods

Subject: SYN floods
From: Oommen Thomas <oommen@xxxxxxxxxxxxx>
Date: Thu, 14 Oct 1999 16:05:57 +0530 (IST)

We have been getting problems on our servers due to SYN floods recently.

Oct 13 09:51:41 cc kernel: Warning: possible SYN flood from 207.82.251.222
on xxx.xxx.xxx.xxx:25.  Sending cookies.

The above site is that of hotmail....

The same happened once between two of our servers too, and one of them
refused all requests for around  1 1/2 hours.

Upon search on the Net it seems this is a protection mechanism to
safegaurd against overload (network traffic). Or is it a hacker's attempt?

Any pointers/URLs on this?

PS: The servers in question are on RHL5.1

TIA
-
Oommen


------------------------------

Prev by Subject: Re: sudo rpm for RHL 5.2
Next by Subject: syslogd message
Previous by thread: syslogd message
Next by thread: Are we meeting tomorrow?
Index(es):
- Subject
- Thread