Very Computer

  "possible SYN  flood on <my IP address>:80 from 130.244.157.50"

Debian Linux 2.0.34 ---- apache patched with ssl
I have seen this 'message' on the screen this morning.
The Linux has been hung up for three days ....

How can I know if I have been flooded?
How can I protect my Linux server?

On Tue, 13 Oct 1998 18:46:55 +0000, Enrique Alonso de Armas

You might try posting to one of the .security newsgroups.

You can see if a flood has stopped up the server by simply pulling the
network cable.  If it frees up, that's indicative (if not
evidentiary).
--

"Your brain is actually a fabulously complex computer, which means that
on Jan. 1, 2000, it will stop working and your body will flop around
like a recently caught perch."   (Dave Barry, slightly paraphrased.)

Quote:>   "possible SYN  flood on <my IP address>:80 from 130.244.157.50"

> Debian Linux 2.0.34 ---- apache patched with ssl
> I have seen this 'message' on the screen this morning.
> The Linux has been hung up for three days ....
> How can I protect my Linux server?

You should use the newest Kernel (2.0.35) which is stable, because
2.0.34 had some big bugs, which are closed in 2.0.35.

Christian
--
M$: Our software of tommorrow will make sure that on your
hardware of tomorrow everything will work at the usual speed. ;-)

You can install the free sifi-firewall. It allows to define rules like
"block all packets from an host for 1 minute if it sends more than 100
 pings without at least 1 second in between"