SYN Cookies

Discussion in 'Security' started by Haruspex, Aug 20, 2009.

  1. #1
    Hi,

    So yesterday, someone thought it would be funny to SYN flood my server causing everything to lock up.

    I did some digging on SYN flood protection and found out about SYN cookies.

    However, when I try to enable them in SSH as root using this command:

    echo 1 > /proc/sys/net/ipv4/tcp_syncookies

    I get an "Operation not permitted" error.

    I'm not used to dealing in detail with Linux servers or SSH.

    Any help would be appreciated,

    Thanks!
     
    Haruspex, Aug 20, 2009 IP
  2. GNetCoder

    #2
    Are you sure you are logged in as root? If not you can typically do this:

    sudo echo 1 > /proc/sys/net/ipv4/tcp_syncookies

    Will allow you to perform the command as a privileged user.

    Also, off the top of my head - double-check that this file (/proc/sys/net/ipv4/tcp_syncookies) exists; you may have a different Linux distro that stores this info differently.
     
    GNetCoder, Aug 21, 2009 IP
  3. bulkemailpp

    #3
    See Version 6.2 http://www.faqs.org/docs/securing/chap5sec56.html
     
    bulkemailpp, Aug 24, 2009 IP
  4. Ladadadada

    #4
    The command

    sudo echo 1 > /proc/sys/net/ipv4/tcp_syncookies

    Will NOT work. Although the "echo 1" is run as root, redirecting the output into a file (or pseudo file) is done with the permissions of the user.

    Run the command

    id -a

    To find out which user you are currently and if you are not root, use

    sudo -s
     
    Ladadadada, Sep 2, 2009 IP
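
Added example, not part of any post in this thread: a shell sketch of the redirection point made in post #4, writing the setting so that the file is opened by a root process and then reading it back to confirm the kernel accepted it. The function names and the optional path argument are hypothetical, and sudo is assumed to be installed for the non-root case.

```shell
#!/bin/sh
# In `sudo echo 1 > FILE` the calling (unprivileged) shell opens FILE before
# sudo even starts, so only `echo` is elevated and the open is refused.

SYNCOOKIES_FILE=/proc/sys/net/ipv4/tcp_syncookies

# Print "enabled", "disabled" or "missing" for the control file.
syncookies_state() {
    f=${1:-$SYNCOOKIES_FILE}
    [ -r "$f" ] || { echo missing; return 0; }
    case $(cat "$f") in
        0) echo disabled ;;
        *) echo enabled ;;
    esac
}

# Write 1 to the control file. Returns 0 if the value took effect,
# 1 if the write was refused or ignored, 2 if the file does not exist.
enable_syncookies() {
    f=${1:-$SYNCOOKIES_FILE}
    [ -e "$f" ] || { echo "no such file: $f" >&2; return 2; }
    if [ "$(id -u)" -eq 0 ] || [ -w "$f" ]; then
        # Already privileged (or file is writable): a plain redirect works.
        { echo 1 > "$f"; } 2>/dev/null || :
    else
        # The redirect is part of the command the root shell runs.
        sudo sh -c 'echo 1 > "$1"' sh "$f"
        # Same effect: echo 1 | sudo tee "$f" >/dev/null
    fi
    # Read back: a refused write (the "Operation not permitted" case in
    # post #1) leaves the old value in place.
    [ "$(syncookies_state "$f")" = enabled ] || return 1
}

# Usage on a real host:
#   id -u                      # 0 means you are root
#   enable_syncookies && syncookies_state
```

The write does not survive a reboot; sysctl reads the same setting under the name net.ipv4.tcp_syncookies.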