switch OFF syn cookies
Posted
by
Nick
on Server Fault
See other posts from Server Fault
or by Nick
Published on 2012-10-12T09:19:01Z
Indexed on
2012/10/12
9:39 UTC
Read the original article
Hit count: 218
We have several servers they have public IP's, but work together (one is with Load Balancer, orther with Apache Web server, other with MySQL and so on.
Most of the ports are fire-walled, so only "local" servers can be connect there. However ALL servers have some ports that must be publicly open.
We have SYN Cookies enabled and from time to time we got:
possible SYN flooding on port 8080. Sending cookies.
Port 8080 is not public. How we can switch OFF SYN Cookies for some ports (e.g. 8080, 3306 etc) or from some sources (e.g. our servers),
but in same time SYN Cookies to be switched ON for all other ports, e.g. port 80.
We found this similar problem, except our servers are with public IP's: SYN cookies on internal machines
© Server Fault or respective owner