server under a SYN attack | Linux Server Support for Business-ServerSignature, Linux Webhosting Support, Linux Remote Support, Redhat Cpanel WHM Support

server under a SYN attack

If you believe you are under a SYN attack, run the following command:

netstat -an |grep :80 |more

You will see a list like the following, however there will be serveral hundred entries with

SYN_RECV

Assuming your kernel was built with syncookie support, execute the following command as root:

echo 1 > /proc/sys/net/ipv4/tcp_syncookies

admin's blog