possible SYN flooding on port xxxx. Sending cookies.
This could be a form of DOS attack on the box and It is likely to be TCP backlog queue maximum size has been reached.
1). To Ascertain the current maximum size:
# cat /proc/sys/net/ipv4/tcp_max_syn_backlog
1024
Adjust the size, 4096 is recommended unless the box has a minute amount of memory in modern standards (<1Gb).
# echo "4096" >/proc/sys/net/ipv4/tcp_max_syn_backlog
2). To Enable fast recycling TIME-WAIT sockets. add the following to /etc/sysctl.conf, then run 'sysctl -p'
net.ipv4.tcp_tw_recycle = 1
Check dmesg to see if the problem persist.
!
1). To Ascertain the current maximum size:
# cat /proc/sys/net/ipv4/tcp_max_syn_backlog
1024
Adjust the size, 4096 is recommended unless the box has a minute amount of memory in modern standards (<1Gb).
# echo "4096" >/proc/sys/net/ipv4/tcp_max_syn_backlog
2). To Enable fast recycling TIME-WAIT sockets. add the following to /etc/sysctl.conf, then run 'sysctl -p'
net.ipv4.tcp_tw_recycle = 1
Check dmesg to see if the problem persist.
!
Comments
Post a Comment