HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (
-   Tips/Tricks/Mods (
-   -   Enable TCP SYN Cookie Protection (

sysconfig 3rd November 2006 08:18

Enable TCP SYN Cookie Protection
A "SYN Attack" is a Denial of Service (DoS) attack that consumes all the resources on your machine, forcing you to reboot. Denials of Service attacks (attacks which incapacitate a server due to high traffic volume or ones that tie-up system resources enough that the server cannot respond to a legitimate connection request from a remote system) are easily achievable from internal resources or external connections via extranets and Internet. Enabling TCP SYN Cookie Protection will help to eliminate the problem.

Edit the sysctl.conf file (vi /etc/sysctl.conf) and add the following line:


# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1

Once the configuration has been set, you must restart your network for the change to take effect.
The command to restart the network is the following:

To restart all network devices manually on your system, use the following command:
[root:~ ]# /etc/rc.d/init.d/network restart

qwe010 6th November 2006 15:09


i do

but i see thise message

error: unknown error 1 setting key 'net.ipv4.tcp_syncookies'

my server is VPS ?

falko 7th November 2006 17:27


Originally Posted by qwe010
my server is VPS ?

I bet this is the problem.

qwe010 7th November 2006 22:37

but i have full root access :confused:

falko 8th November 2006 19:13

But it is a VPS, no matter if you have root access or not. A VPS behaves differently than a normal server in the one or other way...

qwe010 8th November 2006 19:25

thanks falko

All times are GMT +2. The time now is 00:47.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.