CentOS

[quote] NedSlider wrote: Thanks for posting back with your solution. Thinking out loud, I wonder if one could disable ip_conntrack and stateful packet inspection, and just use stateless inspection accepting every packet for a given port.[/quote] If you would disable it the server would be vurnable t...

[quote] n3r0x wrote: I got: # cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max 220000 This fills in approx 1hour due to heavy DoS attacks. My iptables filters the attack but ip_conntrack gets full to fast. And therefor they manage to put my website down.. Been googeling for hours and all i see is h...

I got: # cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max 220000 This fills in approx 1hour due to heavy DoS attacks. My iptables filters the attack but ip_conntrack gets full to fast. And therefor they manage to put my website down.. Been googeling for hours and all i see is higher ip_conntrack_ma...

Hi. Im running a website that is under constant CTM Attacks (Verlihub DDoS), SynFlood and all other shitty things the attacker can come up with. My question is: Is there a way to set up a package scanner so i can see the full protocol send to it? Allso is there a way to block certain protocols in a ...

OK thx will have a look on that today..

Someone trying and currently succeeding in killing my website with multicast and synflood..:(

Hi! Any1 know where i can find some online documentation on the version of iptables that is in the CentOS 5.0 cd. I got one iptable script i have used for a long time on both Debian, Slackaware 10.0 + 10.1 + 11.0, Gentoo, Ubuntu, Kubuntu & Knoppix. But on CentOS all rules doesnt work, so if any1 can...