°Ô½Ã¹° 259°Ç
   
[Redhat6.9] possible SYN flooding on port 80. Sending cookies.
±Û¾´ÀÌ : theko ³¯Â¥ : 2019-12-06 (±Ý) 14:56 Á¶È¸ : 2254
possible SYN flooding on port 80. Sending cookies.


### Syn Flooding °ø°Ý ½Ã ¹ß»ýÇÏ´Â ·Î±× ÀÌ´Ù.

Syn Flooding °ø°ÝÀ̶õ?

Dos°ø°ÝÀ¸·Î SYNÆ®·¡ÇÈÀ» ¹ß»ý½ÃÄÑ ¼­¹ö °¡¿ë·® ¸®¼Ò½º¸¦ ¼Ò¸ðÇÏ´Â °ø°ÝÀÌ´Ù.

tcp Åë½ÅÀº 3 way handshacke·Î Åë½ÅÀ» ÇÑ´Ù


¼­¹ö´Â ACK ÆÐŶÀ» ±â´Ù¸®´Â SYN_RECVIED »óÅ·ΠµÈ´Ù.
SYNÆÐŶÀÌ ¹é·Î±×Å¥¿¡ ÀúÀåµÇ´Ù°¡ °á±¹ ²Ë Â÷°ÔµÇ¾î ¿¬°áÀ» °ÅºÎÇÏ´Â »óÅ°¡ µÈ´Ù.



#### Syn Flooding °ø°Ý È®ÀÎ

# netstat -anp | grep -i syn_recv 

tcp 0 0 61.250.171.252:28004 94.9.83.63:3072 SYN_RECV
tcp 0 0 61.250.171.252:28004 3.7.244.2:3072 SYN_RECV
tcp 0 0 61.250.171.252:28004 48.32.206.32:3072 SYN_RECV


#### Syn Flooding °ø°Ý ¹æ¾î

# cat /proc/sys/net/ipv4/tcp_max_syn_backlog (¹é·Î±×Å¥ »çÀÌÁî UP)
1024 
- 1024 ÀÌ»óÀ¸·Î ¼³Á¤


# cat /proc/sys/net/ipv4/tcp_syncookies  (syncookies °ª º¯°æ)
0 -> 1
















Ãâó: https://jjinisystem.tistory.com/10 [IT BOX]

À̸§ Æнº¿öµå
ºñ¹Ð±Û (üũÇÏ¸é ±Û¾´À̸¸ ³»¿ëÀ» È®ÀÎÇÒ ¼ö ÀÖ½À´Ï´Ù.)
¿ÞÂÊÀÇ ±ÛÀÚ¸¦ ÀÔ·ÂÇϼ¼¿ä.
   

miwit.com sir.co.kr DNS Powered by DNSEver.com DNS Powered by DNSEver.com
ȸ»ç¼Ò°³ | ÀÌ¿ë¾à°ü | °³ÀÎÁ¤º¸Ãë±Þ¹æħ | Ã¥ÀÓÀÇÇÑ°è¿Í ¹ýÀû°íÁö | À̸ÞÀϹ«´Ü¼öÁý°ÅºÎ | ÀÌ¿ë¾È³»
Copyright ¨Ï http://board.theko.co.kr. All rights reserved.