Protection against weak DDOS (SYN flood)

Question

What firewall can I pair with iptables? And what effective rule can I create to say if I’ve banned IP if it has more than 100 connections or flooding.

Weakness is a vulnerability! [As an option] [1] [1]: habrahabr.ru/blogs/infosecurity/69854

Dex dex 8,630 3 28 57 · Accepted Answer · 2011-12-17T10:05:33

You described the usual DOS. For him in iptables there is a rule:

iptables -A INPUT -p tcp --tcp-flags SYN,ACK,FIN SYN -m limit --limit 100/sec -j ACCEPTiptables -A INPUT -p tcp --tcp-flags SYN,ACK,FIN SYN -j DROP

Protection against weak DDOS (SYN flood)

1 answer 1

More articles: