A SYN attack is a denial of service (DoS) attack that consumes all the resources on your machine, forcing you to reboot. Denial of service attacks (attacks which incapacitate a server due to high
traffic volume, or ones that tie up system resources enough that the server cannot respond to a legitimate connection request from a remote system) are easily achievable from internal resources
or external connections via extranets and the Internet. To enable TCP SYN cookie protection, run the following command:
[root@deep] /# echo 1 > /proc/sys/net/ipv4/tcp_syncookies
Add the above command to the /etc/rc.d/rc.local script file and you'll not have to type it again the next time you reboot your system.
Edit the /etc/sysctl.conf file and add the following line:
# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1
You must restart your network for the change to take effect. The command to restart the network is the following:
[root@deep] /# /etc/rc.d/init.d/network restart
Setting network parameters [ OK ]
Bringing up interface lo [ OK ]
Bringing up interface eth0 [ OK ]
Bringing up interface eth1 [ OK ]
If you receive an error message during execution of the above command, check that you have enabled the TCP syncookies option in your kernel configuration:
IP: TCP syncookie support not enabled per default CONFIG_SYN_COOKIES Y/n/?.
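
A check for the settings above, as an added example that is not part of the original page: it reports whether SYN cookies are on in the running kernel and whether /etc/sysctl.conf will set them again at boot. The function names, return codes and optional path arguments are assumptions of this example.

```shell
#!/bin/sh
# Added example: audit TCP SYN cookie protection (runtime and boot-time).
# Paths default to the files named on this page; the function names,
# return codes and overridable arguments are assumptions of this example.

# persisted_value FILE -> prints the last uncommented value assigned to
# net.ipv4.tcp_syncookies in FILE (later lines override earlier ones).
persisted_value() {
    [ -r "$1" ] || return 0
    sed -n 's/^[[:space:]]*net\.ipv4\.tcp_syncookies[[:space:]]*=[[:space:]]*\([0-9][0-9]*\)[[:space:]]*$/\1/p' "$1" | tail -n 1
}

# check_syncookies [PROC_FILE] [SYSCTL_CONF]
# 0 = on now and set in sysctl.conf    1 = off in the running kernel
# 2 = on now, not set in sysctl.conf   3 = kernel lacks CONFIG_SYN_COOKIES
check_syncookies() {
    proc_file=${1:-/proc/sys/net/ipv4/tcp_syncookies}
    conf_file=${2:-/etc/sysctl.conf}

    # The proc entry only exists when the kernel has syncookie support.
    if [ ! -e "$proc_file" ]; then
        echo "FAIL: $proc_file missing (CONFIG_SYN_COOKIES not built in)"
        return 3
    fi

    runtime=$(tr -d '[:space:]' < "$proc_file")
    case "$runtime" in
        1|2) ;;   # 1 as set on this page; newer kernels also accept 2
        *) echo "FAIL: runtime value is '$runtime', expected 1"; return 1 ;;
    esac

    saved=$(persisted_value "$conf_file")
    case "$saved" in
        1|2) echo "OK: SYN cookies enabled (runtime=$runtime, $conf_file=$saved)"; return 0 ;;
        *) echo "WARN: enabled now but not set in $conf_file"; return 2 ;;
    esac
}
```

Source the file and run `check_syncookies` with no arguments to audit the live system; a result of 2 is expected if you persist the setting through /etc/rc.d/rc.local instead of /etc/sysctl.conf.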