Search found 6 matches
- 2008/05/26 19:18:42
- Forum: CentOS 5 - Networking Support
- Topic: ip_conntrack table full dropping packet
- Replies: 9
- Views: 3876
Re: ip_conntrack table full dropping packet
[quote] NedSlider wrote: Thanks for posting back with your solution. Thinking out loud, I wonder if one could disable ip_conntrack and stateful packet inspection, and just use stateless inspection accepting every packet for a given port.[/quote] If you would disable it the server would be vurnable t...
- 2008/05/22 02:59:40
- Forum: CentOS 5 - Networking Support
- Topic: ip_conntrack table full dropping packet
- Replies: 9
- Views: 3876
Re: ip_conntrack table full dropping packet
[quote] n3r0x wrote: I got: # cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max 220000 This fills in approx 1hour due to heavy DoS attacks. My iptables filters the attack but ip_conntrack gets full to fast. And therefor they manage to put my website down.. Been googeling for hours and all i see is h...
- 2008/05/12 13:09:27
- Forum: CentOS 5 - Networking Support
- Topic: ip_conntrack table full dropping packet
- Replies: 9
- Views: 3876
ip_conntrack table full dropping packet
I got: # cat /proc/sys/net/ipv4/netfilter/ip_conntrack_max 220000 This fills in approx 1hour due to heavy DoS attacks. My iptables filters the attack but ip_conntrack gets full to fast. And therefor they manage to put my website down.. Been googeling for hours and all i see is higher ip_conntrack_ma...
- 2008/02/08 10:07:03
- Forum: CentOS 5 - Security Support
- Topic: CTM Flood and Apache 2.0
- Replies: 3
- Views: 1358
CTM Flood and Apache 2.0
Hi. Im running a website that is under constant CTM Attacks (Verlihub DDoS), SynFlood and all other shitty things the attacker can come up with. My question is: Is there a way to set up a package scanner so i can see the full protocol send to it? Allso is there a way to block certain protocols in a ...
- 2007/08/18 11:40:06
- Forum: CentOS 5 - Security Support
- Topic: IPtables manual
- Replies: 5
- Views: 1898
Re: IPtables manual
OK thx will have a look on that today..
Someone trying and currently succeeding in killing my website with multicast and synflood..:(
Someone trying and currently succeeding in killing my website with multicast and synflood..:(
- 2007/08/13 00:13:05
- Forum: CentOS 5 - Security Support
- Topic: IPtables manual
- Replies: 5
- Views: 1898
IPtables manual
Hi! Any1 know where i can find some online documentation on the version of iptables that is in the CentOS 5.0 cd. I got one iptable script i have used for a long time on both Debian, Slackaware 10.0 + 10.1 + 11.0, Gentoo, Ubuntu, Kubuntu & Knoppix. But on CentOS all rules doesnt work, so if any1 can...