3 Nov
2019
3 Nov
'19
8:20 p.m.
Hello,
On Sun, Nov 03, 2019 at 07:00:54PM +0000, Gavin Westwood wrote:
On 01/11/2019 14:08, Andy Smith wrote:
But I am not seeing alerts for your DNS server, so they are
probably doing their job.
If your SYN queue was being filled no new connections to your DNS
server would be possible. So this is more evidence that what is
being seen is a SYN flood and SYN cookies do help.
Another customer is seeing flapping alerts for Apache httpd. SYN
cookies did not help there, but I do not know the exact nature of
the problem there (eve if they are seeing a SYN flood).
Cheers,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
Those of you who are seeing alerts, do you have
SYN cookies enabled
and if not, does enabling them stop it happening?
This is appearing on my console:
TCP: request_sock_TCP: Possible SYN flooding on port 25. Sending
cookies. Check SNMP counters.
And SYN cookies are enabled on my server.