5 comment

1. What’s the positive and negative aspects of this command? I’m interested what exactly the setting does do :)

2. this will create a timeout to drop this open connections. preventing a syn flood attack.

   regards

3. When i run command

   netstat -an | grep :80 | grep -i syn | wc -l

   I see more than 250 connections, that cause Apache timeout error, is this a fix for this?
   I did like shown in this post, but i can not check will it work because attack passed….

4. HELLO,

   What this person described above is NOT CORRECT!

   This person showed both of these commands;

   sysctl -n net.ipv4.tcp_syncookies
   cat /proc/sys/net/ipv4/tcp_syncookies

   If you NOTICED they have 1 showing, that means it’s ENABLED, so you don’t need to do anything, which they did not explain!

   ONLY do; net.ipv4.tcp_syncookies = 1 if you don’t get a 1 in the cmds!

   1. I’m not too sure why you’re shouting (see RFC1855 about upper case), there are lots of reasons why sysctl -n (…) may report the services as enabled at runtime, it doesn’t mean it’s enabled or disabled in any file (yet). Adding the line in /etc/sysctl.conf won’t have any impact until you reload with sysctl –system or until you reboot, which doesn’t guarantee /proc/sys/net/ipv4/tcp_syncookies will still be enabled.
      From what I can see in the output, `sysctl –system` only sets the value if it is different from the current value.
      Now, if you really wanna be a purist, you’ll check net.ipv4.tcp_syncookies is not already present in /etc/sysctl.conf (it’s commented out in Ubuntu 16) and uncomment the line instead of appending it.

    Have a question? Post it on our forum!