Re: lug-bg: dst cache overflow
- Subject: Re: lug-bg: dst cache overflow
- From: stoyan@xxxxxxxxxxxxxxx (Stoyan Jekov)
- Date: Wed, 04 Jul 2001 08:54:24 +0900
> > Does anyone have an idea what the following excerpt from /var/log/messages means:
> >
> > Jul 3 15:48:27 apic5 kernel: possible SYN flooding on port 80. Sending
> > cookies.
> > Jul 3 15:49:07 apic5 kernel: dst cache overflow
From the archives of the linux-kernel mailing list:
"This appears to happen more frequently when the machines are loaded down
CPU wise and usually sustain over 3Mbits/sec of network traffic. This is
happening on several machines with similar configurations. Each machine has
about 2000 active tcp connections on them and CPU usage is typically over 75%."
Possible solution:
URL: [ http://search.luky.org/linux-kernel.2000/msg09243.html ]
George Danchev wrote:
>
> I assume the problem is that you enabled and compiled into the kernel support for:
> IP: TCP syncookie support
>
> which can lead to problems if the machine is loaded
> try turning it off:
>
> echo 0 > /proc/sys/net/ipv4/tcp_syncookies
>
Syncookies have nothing to do with the problem. Syncookies are simply
specially chosen IDs for the SYN packets (an attempt to start a
connection), to which the client has to respond.
Their use: anti-DoS -> the server starts accepting only packets
that reply with a correct ACK to the SYN (TCP/IP three-way handshake)
--
Stoyan Jekov stoyan [AT] silveregg [DOT] co [DOT] jp
SilverEgg Technology Co.,Ltd. http://www.silveregg.co.jp/
Phone: 06-6386-1931 Fax: 06-6386-2101
==== "Security begins as a state of mind." -> NSA manual ====
===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora
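
The handshake check described in the reply above, as an added example that is not part of the original post and not the Linux kernel's code: a simplified SYN cookie in which the server packs a time counter, an MSS index and a keyed hash of the connection into the sequence number of its SYN-ACK, keeps no state, and accepts only an ACK that echoes that number. The secret, MSS table, field layout and function names are assumptions made for illustration.

```python
import hashlib
import hmac
import struct

SECRET = b"constructed-demo-secret"   # constructed value; a real server uses a random key
MSS_TABLE = (536, 1220, 1440, 1460)   # illustrative MSS choices (assumption)
MAX_AGE = 2                           # accept cookies at most 2 counter ticks old


def _mac24(src, sport, dst, dport, client_isn, t):
    """24-bit keyed hash binding the cookie to the 4-tuple, client ISN and time tick."""
    msg = f"{src}:{sport}>{dst}:{dport}".encode() + struct.pack("!IB", client_isn, t)
    return int.from_bytes(hmac.new(SECRET, msg, hashlib.sha256).digest()[:3], "big")


def make_cookie(src, sport, dst, dport, client_isn, mss, now):
    """Return the server ISN for the SYN-ACK; nothing is stored per connection."""
    t = (now // 64) % 32                      # 5-bit counter, one tick per 64 seconds
    mss_idx = max(i for i, m in enumerate(MSS_TABLE) if m <= max(mss, MSS_TABLE[0]))
    return (t << 27) | (mss_idx << 24) | _mac24(src, sport, dst, dport, client_isn, t)


def check_ack(src, sport, dst, dport, seq, ack, now):
    """Validate the final ACK of the handshake; return the encoded MSS or None."""
    cookie = (ack - 1) & 0xFFFFFFFF           # client acknowledges server ISN + 1
    client_isn = (seq - 1) & 0xFFFFFFFF       # client's seq is its own ISN + 1
    t, mss_idx, mac = cookie >> 27, (cookie >> 24) & 0x7, cookie & 0xFFFFFF
    age = ((now // 64) - t) % 32              # ticks elapsed since the cookie was made
    if age > MAX_AGE or mss_idx >= len(MSS_TABLE):
        return None
    expected = _mac24(src, sport, dst, dport, client_isn, t)
    if hmac.compare_digest(mac.to_bytes(3, "big"), expected.to_bytes(3, "big")):
        return MSS_TABLE[mss_idx]
    return None
```
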