I'm not sure if you're referring to SYN flooding, but if you are, you can compile syn cookies into your kernel, then enable it by doing a "echo 1 > /proc/sys/net/ipv4/tcp_syncookies".
As for striking back, it's not recommended (it's illegal, they might be attacking from an innocent host they hacked, if they aren't making complete connections the IP is probably spoofed, etc.). If it becomes a problem, alert the proper authorities or try to find their upstream provider.

-Greg

> Recently, some of the fools use SYN, FIN and ACK packet attack my website and
> attempted DROP my Database -_-
>
> Now, I am using iptables to protect my website......
>
> <<<
> iptables -A FORWARD -p tcp --syn -m limit --limit 1/m -j ACCEPT
> iptables -A FORWARD -p tcp --tcp-flags SYN,ACK,FIN,RST RST -m limit --limit 1/m -j ACCEPT
> iptables -A INPUT -p icmp --icmp-type echo-request -m limit --limit 1/m -j ACCEPT
>
> My Question is : How should I kick out illegal connection(SYN or FIN)
> immediately when iptables is NOT working !!!!!!
>

--
------SupplyEdge-------
Greg Hunt
800-733-3380 x 107
[EMAIL PROTECTED]
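
A way to check the SYN cookie setting mentioned in the reply and to see how many half-open connections each local port is holding, as an added example that is not part of the original thread. The function names, the `--report` switch and the sample data are constructed for illustration; the file paths are arguments so the functions can be run against a saved copy instead of the live /proc.

```shell
#!/bin/sh
# Added example (not from the original thread).

# Print unsupported / disabled / enabled for the tcp_syncookies sysctl file.
syncookies_state() {
    f=${1:-/proc/sys/net/ipv4/tcp_syncookies}
    if [ ! -e "$f" ]; then
        echo unsupported          # kernel built without SYN cookie support
    elif [ "$(cat "$f")" = 0 ]; then
        echo disabled
    else
        echo enabled              # 1 = on backlog overflow, 2 = always
    fi
}

# Count half-open sockets (state 03 = SYN_RECV, column 4 of /proc/net/tcp)
# per local port and print "port count", busiest port first.
half_open_by_port() {
    awk '
    function hex(s,    i, v) {    # portable hex-to-decimal (no gawk strtonum)
        v = 0; s = toupper(s)
        for (i = 1; i <= length(s); i++)
            v = v * 16 + index("0123456789ABCDEF", substr(s, i, 1)) - 1
        return v
    }
    NR > 1 && $4 == "03" { split($2, a, ":"); n[a[2]]++ }
    END { for (p in n) print hex(p), n[p] }
    ' "${1:-/proc/net/tcp}" | sort -k2,2nr -k1,1n
}

# Constructed sample in /proc/net/tcp layout (trailing columns omitted):
# two SYN_RECV entries on port 80 (0050), one on 443 (01BB), one LISTEN.
sample_proc_tcp() {
    cat <<'EOF'
  sl  local_address rem_address   st tx_queue rx_queue
   0: 0100007F:0050 00000000:0000 0A 00000000:00000000
   1: 0A00000A:0050 0B00000A:C001 03 00000000:00000000
   2: 0A00000A:0050 0C00000A:C002 03 00000000:00000000
   3: 0A00000A:01BB 0D00000A:C003 03 00000000:00000000
EOF
}

# Report on the live system only when asked to: sh script.sh --report
if [ "${1:-}" = "--report" ]; then
    echo "SYN cookies: $(syncookies_state)"
    half_open_by_port
fi
```

A port whose SYN_RECV count stays high while the state reads "disabled" or "unsupported" is the situation the reply's tcp_syncookies setting addresses.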